AnyObjectSerializerWrapper Class


AnyObjectSerializerWrapper Class	KGy SOFT Core Libraries Help

Note: This API is now obsolete.

Provides a wrapper class for serializing any kind of object, including the ones that are not marked by the SerializableAttribute, or which are not supported by BinaryFormatter. Can be useful when a BinarySerializationFormatter payload cannot be used, so a BinaryFormatter-compatible stream must be produced. When this object is deserialized, the clone of the wrapped original object is returned.
See the Remarks section for details.

Inheritance Hierarchy

SystemObject
KGySoft.Serialization.BinaryAnyObjectSerializerWrapper

Namespace: KGySoft.Serialization.Binary
Assembly: KGySoft.CoreLibraries (in KGySoft.CoreLibraries.dll) Version: 6.0.0-rc.1

Syntax

C++

Copy

[SerializableAttribute]
[ObsoleteAttribute("This type cannot be used anymore to make any type serializable by BinaryFormatter due to security reasons. Use BinarySerializationFormatter instead, whose entire deserialization can work in safe mode if needed.")]
public sealed class AnyObjectSerializerWrapper : ISerializable, 
	IObjectReference

<SerializableAttribute>
<ObsoleteAttribute("This type cannot be used anymore to make any type serializable by BinaryFormatter due to security reasons. Use BinarySerializationFormatter instead, whose entire deserialization can work in safe mode if needed.")>
Public NotInheritable Class AnyObjectSerializerWrapper
	Implements ISerializable, IObjectReference

[SerializableAttribute]
[ObsoleteAttribute(L"This type cannot be used anymore to make any type serializable by BinaryFormatter due to security reasons. Use BinarySerializationFormatter instead, whose entire deserialization can work in safe mode if needed.")]
public ref class AnyObjectSerializerWrapper sealed : ISerializable, 
	IObjectReference

[<SealedAttribute>]
[<SerializableAttribute>]
[<ObsoleteAttribute("This type cannot be used anymore to make any type serializable by BinaryFormatter due to security reasons. Use BinarySerializationFormatter instead, whose entire deserialization can work in safe mode if needed.")>]
type AnyObjectSerializerWrapper =  
    class
        interface ISerializable
        interface IObjectReference
    end

The AnyObjectSerializerWrapper type exposes the following members.

Constructors

	Name	Description
	AnyObjectSerializerWrapper	Creates a new instance of AnyObjectSerializerWrapper with the provided object to be serialized.

Top

Extension Methods

	Name	Description
	Convert(Type, CultureInfo)	Overloaded. Converts an Object specified in the obj parameter to the desired targetType. See the Examples section of the generic ConvertTTarget(Object, CultureInfo) overload for an example. (Defined by ObjectExtensions.)
	ConvertTTarget(CultureInfo)	Overloaded. Converts an Object specified in the obj parameter to the desired TTarget. (Defined by ObjectExtensions.)
	In	Gets whether item is among the elements of set. See the Examples section of the generic InT(T, T) overload for an example. (Defined by ObjectExtensions.)
	TryConvert(Type, Object)	Overloaded. Tries to convert an Object specified in the obj parameter to the desired targetType. (Defined by ObjectExtensions.)
	TryConvert(Type, CultureInfo, Object)	Overloaded. Tries to convert an Object specified in the obj parameter to the desired targetType. (Defined by ObjectExtensions.)
	TryConvertTTarget(TTarget)	Overloaded. Tries to convert an Object specified in the obj parameter to the desired TTarget. See the Examples section of the ConvertTTarget(Object, CultureInfo) method for a related example. (Defined by ObjectExtensions.)
	TryConvertTTarget(CultureInfo, TTarget)	Overloaded. Tries to convert an Object specified in the obj parameter to the desired TTarget. See the Examples section of the ConvertTTarget(Object, CultureInfo) method for a related example. (Defined by ObjectExtensions.)

Top

Remarks

Security Note
This type has been made obsolete because just from the stream to deserialize it cannot be determined whether the consumer formatter is used in a safe context. Therefore AnyObjectSerializerWrapper deserialization uses safe mode, which denies deserializing non-serializable types. It renders this type practically useless, but it was meant for BinaryFormatter anyway, which is also being obsoleted in upcoming .NET versions. To serialize non-serializable types you still can use BinarySerializationFormatter, which now supports SafeMode, which should be enabled when deserializing anything from an untrusted source. When deserializing a stream that has an AnyObjectSerializerWrapper reference, it is ensured that no assemblies are loaded while unwrapping its content (it may not be true for other entries in the serialization stream, if the formatter is a BinaryFormatter, for example). Therefore all of the assemblies that are involved by the types wrapped into an AnyObjectSerializerWrapper must be preloaded before deserializing such a stream. See the security notes at the Remarks section of the BinarySerializationFormatter class for more details.

Security Note

This type has been made obsolete because just from the stream to deserialize it cannot be determined whether the consumer formatter is used in a safe context. Therefore AnyObjectSerializerWrapper deserialization uses safe mode, which denies deserializing non-serializable types. It renders this type practically useless, but it was meant for BinaryFormatter anyway, which is also being obsoleted in upcoming .NET versions. To serialize non-serializable types you still can use BinarySerializationFormatter, which now supports SafeMode, which should be enabled when deserializing anything from an untrusted source.

When deserializing a stream that has an AnyObjectSerializerWrapper reference, it is ensured that no assemblies are loaded while unwrapping its content (it may not be true for other entries in the serialization stream, if the formatter is a BinaryFormatter, for example). Therefore all of the assemblies that are involved by the types wrapped into an AnyObjectSerializerWrapper must be preloaded before deserializing such a stream.

See the security notes at the Remarks section of the BinarySerializationFormatter class for more details.

Since BinarySerializationFormatter supports serialization of any class, this object is not necessarily needed when BinarySerializationFormatter is used.

In .NET Framework this class supports serialization of remote objects, too.

Caution
This class cannot guarantee that an object serialized in one platform can be deserialized in another one. For such cases some text-based serialization might be better (see also the XmlSerializer). In .NET Core and above the ISerializable implementation of some types throw a PlatformNotSupportedException. For such cases setting the forceSerializationByFields in the constructor can be a solution. For a more flexible customization use the CustomSerializerSurrogateSelector class instead.

Caution

This class cannot guarantee that an object serialized in one platform can be deserialized in another one. For such cases some text-based serialization might be better (see also the XmlSerializer).

In .NET Core and above the ISerializable implementation of some types throw a PlatformNotSupportedException. For such cases setting the forceSerializationByFields in the constructor can be a solution.

For a more flexible customization use the CustomSerializerSurrogateSelector class instead.

Reference

KGySoft.Serialization.Binary Namespace