程序包 cn.taketoday.util

类 SerializationUtils

java.lang.Object
cn.taketoday.util.SerializationUtils
public abstract class SerializationUtils extends Object
Static utilities for serialization and deserialization using Java Object Serialization.

WARNING: These utilities should be used with caution. See Secure Coding Guidelines for the Java Programming Language for details.

从以下版本开始:
4.0 2022/3/9 21:17
作者:
Dave Syer, Loïc Ledoyen, Sam Brannen, Harry Yang

  • 构造器详细资料

    • SerializationUtils

      public SerializationUtils()

  • 方法详细资料

    • serialize

      @Nullable public static byte[] serialize(@Nullable Object object)
      Serialize the given object to a byte array.
      参数:
      object - the object to serialize
      返回:
      an array of bytes representing the object in a portable fashion

    • deserialize

      @Deprecated @Nullable public static Object deserialize(@Nullable byte[] bytes)
      已过时。
      This utility uses Java Object Serialization, which allows arbitrary code to be run and is known for being the source of many Remote Code Execution (RCE) vulnerabilities.

      Prefer the use of an external tool (that serializes to JSON, XML, or any other format) which is regularly checked and updated for not allowing RCE.

      Deserialize the byte array into an object.
      参数:
      bytes - a serialized object
      返回:
      the result of deserializing the bytes

    • clone

      @Nullable public static <T extends Serializable> T clone(T object)
      Clone the given object using Java Object Serialization.
      类型参数:
      T - the type of the object to clone
      参数:
      object - the object to clone
      返回:
      a clone (deep-copy) of the given object