BinaryFormatter in deep copy is deprecated because it contains security vulnerabilities #6
Comments
examplepublic static class CloneExtensions
{
public static T DeepCopy<T>(this T obj)
where T : class
{
using var ms = new MemoryStream();
var options = new JsonSerializerOptions
{
ReferenceHandler = ReferenceHandler.Preserve,
PropertyNamingPolicy = JsonNamingPolicy.CamelCase
};
JsonSerializer.SerializeAsync(ms, obj, options);
ms.Position = 0;
return JsonSerializer.Deserialize<T>(ms, options);
}
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Whether to consider replacement, official original: Information: https://learn.microsoft.com/zh-cn/dotnet/standard/serialization/binaryformatter-security-guide#binaryformatter-security- vulnerabilities
Controls
The text was updated successfully, but these errors were encountered: