SimpleTypeResolver Class
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Provides an insecure type resolver for managed types.
public ref class SimpleTypeResolver : System::Web::Script::Serialization::JavaScriptTypeResolverpublic class SimpleTypeResolver : System.Web.Script.Serialization.JavaScriptTypeResolvertype SimpleTypeResolver = class
inherit JavaScriptTypeResolverPublic Class SimpleTypeResolver
Inherits JavaScriptTypeResolver- Inheritance
Remarks
Warning
The SimpleTypeResolver class is insecure and should not be used. Using SimpleTypeResolver to deserialize JSON could allow the remote client to execute malicious code within the app and take control of the web server.
For a sample that demonstrates using a custom JavaScriptTypeResolver safely, see JavaScriptTypeResolver.
.NET provides source analyzers that alert you to usage of the dangerous SimpleTypeResolver type. For more information about source analyzers, see Overview of source code analyzers. For instructions on installing the source analyzers, see Install .NET Compiler Platform code analyzers.
When the source analyzers package is activated in a project, references to SimpleTypeResolver produce one of the following compiler warnings:
- CA2321: Do not deserialize with JavaScriptSerializer using a SimpleTypeResolver
- CA2322: Ensure JavaScriptSerializer is not initialized with SimpleTypeResolver before deserializing
Constructors
| SimpleTypeResolver() |
Initializes a new instance of the SimpleTypeResolver class. |
Methods
| Equals(Object) |
Determines whether the specified object is equal to the current object. (Inherited from Object) |
| GetHashCode() |
Serves as the default hash function. (Inherited from Object) |
| GetType() |
Gets the Type of the current instance. (Inherited from Object) |
| MemberwiseClone() |
Creates a shallow copy of the current Object. (Inherited from Object) |
| ResolveType(String) |
Returns the Type of the specified name. |
| ResolveTypeId(Type) |
Returns the assembly-qualified name of the specified Type. |
| ToString() |
Returns a string that represents the current object. (Inherited from Object) |
