public XStreamSolutionFileIO(Class... xStreamAnnotatedClasses) { xStream = new XStream(); xStream.setMode(XStream.ID_REFERENCES); xStream.processAnnotations(xStreamAnnotatedClasses); XStream.setupDefaultSecurity(xStream); // Presume the XML file comes from a trusted source so it works out of the box. See class javadoc. xStream.addPermission(new AnyTypePermission()); }
public static <T> T serializeAndDeserializeWithXStream(T input) { XStream xStream = new XStream(); xStream.setMode(XStream.ID_REFERENCES); if (input != null) { xStream.processAnnotations(input.getClass()); } XStream.setupDefaultSecurity(xStream); xStream.addPermission(new AnyTypePermission()); String xmlString = xStream.toXML(input); return (T) xStream.fromXML(xmlString); }
/** * Only use for XML or JSON that comes from a 100% trusted source. * The XML/JSON must be as safe as executable java code. * Otherwise, you MUST use {@link #createNonTrustingXStream()}. */ private static XStream internalCreateTrustingXStream( XStream xstream ) { setupDefaultSecurity(xstream); // Presumes the XML content comes from a trusted source! xstream.addPermission(new AnyTypePermission()); return xstream; }
public XStreamSolutionFileIO(Class... xStreamAnnotatedClasses) { xStream = new XStream(); xStream.setMode(XStream.ID_REFERENCES); xStream.processAnnotations(xStreamAnnotatedClasses); XStream.setupDefaultSecurity(xStream); // Presume the XML file comes from a trusted source so it works out of the box. See class javadoc. xStream.addPermission(new AnyTypePermission()); }