Java I/O: Context-Specific Deserialization Filters

AnghelLeonard · AnghelLeonard · commit 41124aadb48a · 2023-10-13T09:36:45.000+03:00
diff --git a/Chapter06/P131_ObjectToByteArraySer/README.md b/Chapter06/P131_ObjectToByteArraySer/README.md
@@ -0,0 +1,2 @@
+# Serializing objects to byte arrays:
+Write a Java application that exposes two helper methods for serializing/deserializing objects to/from byte[].
diff --git a/Chapter06/P132_ObjectToStringSer/README.md b/Chapter06/P132_ObjectToStringSer/README.md
@@ -0,0 +1,2 @@
+# Serializing objects to strings:
+Write a Java application that exposes two helper methods for serializing/deserializing objects to/from String.
diff --git a/Chapter06/P133_ObjectToXML/README.md b/Chapter06/P133_ObjectToXML/README.md
@@ -0,0 +1,2 @@
+# Serializing objects to XML:
+Exemplify at least two approaches for serializing/deserializing objects to/from XML format.
diff --git a/Chapter06/P135_PatternBasedStreamGlobalFilter/README.md b/Chapter06/P135_PatternBasedStreamGlobalFilter/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom pattern-based ObjectInputFilter:
+Provide an example of implementing and setting a custom pattern-based filter via the ObjectInputFilter API.
diff --git a/Chapter06/P135_PatternBasedStreamSpecificFilter/README.md b/Chapter06/P135_PatternBasedStreamSpecificFilter/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom pattern-based ObjectInputFilter:
+Provide an example of implementing and setting a custom pattern-based filter via the ObjectInputFilter API.
diff --git a/Chapter06/P136_CustomClassFilter/README.md b/Chapter06/P136_CustomClassFilter/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom class ObjectInputFilter:
+Exemplify the creation of an ObjectInputFilter via a class implementation. 
diff --git a/Chapter06/P137_CustomMethodFilter1/README.md b/Chapter06/P137_CustomMethodFilter1/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom method ObjectInputFilter:
+Exemplify the creation of an ObjectInputFilter via a method implementation. 
diff --git a/Chapter06/P137_CustomMethodFilter2/README.md b/Chapter06/P137_CustomMethodFilter2/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom method ObjectInputFilter:
+Exemplify the creation of an ObjectInputFilter via a method implementation. 
diff --git a/Chapter06/P138_CustomLambdaFilter/README.md b/Chapter06/P138_CustomLambdaFilter/README.md
@@ -0,0 +1,2 @@
+# Implementing a custom lambda ObjectInputFilter:
+Exemplify the creation of an ObjectInputFilter via a lambda expression.
diff --git a/Chapter06/P139_DeserializationStackOverflowError/README.md b/Chapter06/P139_DeserializationStackOverflowError/README.md
@@ -0,0 +1,2 @@
+# Avoiding StackOverflowError at deserialization:
+First, write a snippet of code that can be successfully serialized but, at the deserialization phase, causes a StackOverflowError. Second, write a filter that avoids this unpleasant scenario.
diff --git a/Chapter06/P140_DeserializationDoS/README.md b/Chapter06/P140_DeserializationDoS/README.md
@@ -0,0 +1,2 @@
+# Avoiding DoS attacks at deserialization:
+First, write a snippet of code that can be successfully serialized but, at the deserialization phase, causes a DoS attack. Second, write a filter that avoids this unpleasant scenario.
diff --git a/Chapter06/P141_JDK17CustomFilter/README.md b/Chapter06/P141_JDK17CustomFilter/README.md
@@ -0,0 +1,2 @@
+# Introducing JDK 17 easy filter creation:
+Explain and exemplify the usage of the JDK 17 allowFilter() and rejectFilter() methods.
diff --git a/Chapter06/P142_JDK17CustomFilterFactory/README.md b/Chapter06/P142_JDK17CustomFilterFactory/README.md
@@ -0,0 +1,2 @@
+# Tackling context-specific deserialization filters:
+Explain and exemplify the usage of JDK 17 Filter Factories.
diff --git a/Chapter06/P143_MonitoringDeserializationJfr/README.md b/Chapter06/P143_MonitoringDeserializationJfr/README.md
@@ -0,0 +1,2 @@
+# Monitoring Deserialization via JFR:
+Exemplify the usage of Java Flight Recorder (JFR) for monitoring a deserialization event.

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Serializing objects to byte arrays:`
	`2`	`+Write a Java application that exposes two helper methods for serializing/deserializing objects to/from byte[].`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Serializing objects to strings:`
	`2`	`+Write a Java application that exposes two helper methods for serializing/deserializing objects to/from String.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Serializing objects to XML:`
	`2`	`+Exemplify at least two approaches for serializing/deserializing objects to/from XML format.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Implementing a custom pattern-based ObjectInputFilter:`
	`2`	`+Provide an example of implementing and setting a custom pattern-based filter via the ObjectInputFilter API.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Implementing a custom class ObjectInputFilter:`
	`2`	`+Exemplify the creation of an ObjectInputFilter via a class implementation.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Implementing a custom method ObjectInputFilter:`
	`2`	`+Exemplify the creation of an ObjectInputFilter via a method implementation.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Implementing a custom lambda ObjectInputFilter:`
	`2`	`+Exemplify the creation of an ObjectInputFilter via a lambda expression.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Avoiding StackOverflowError at deserialization:`
	`2`	`+First, write a snippet of code that can be successfully serialized but, at the deserialization phase, causes a StackOverflowError. Second, write a filter that avoids this unpleasant scenario.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Avoiding DoS attacks at deserialization:`
	`2`	`+First, write a snippet of code that can be successfully serialized but, at the deserialization phase, causes a DoS attack. Second, write a filter that avoids this unpleasant scenario.`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+# Introducing JDK 17 easy filter creation:`
	`2`	`+Explain and exemplify the usage of the JDK 17 allowFilter() and rejectFilter() methods.`