Java I/O: Context-Specific Deserialization Filters
This chapter includes 13 problems related to Java serialization/deserialization processes. We start with classical problems like serializing/deserializing objects to byte[]
, String
, and XML. We continue with JDK 9 deserialization filters meant to prevent deserialization vulnerabilities, and we finish with JDK 17 (JEP 415, final) context-specific deserialization filters.
At the end of this chapter, you’ll be skilled in solving almost any problem related to serializing/deserializing objects in Java.