Add example to Secure Coding Guidelines 5-3

    • Type: Enhancement
    • Resolution: Fixed
    • Priority: P4
    • 7
    • Affects Version/s: 6
    • Component/s: infrastructure
    • None
    • inapplicable
    • generic
    • generic
    • Verified

      It would be helpful to add a code sample to guideline 5-3 (View deserialization the same as object construction) of http://java.sun.com/security/seccodeguide.html to help readers understand how to use the ObjectInputStream.readField method. I don't think that is a well understood API and an example would be very helpful here.

            Assignee:
            Andrew Gross
            Reporter:
            Sean Mullan
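A sketch of the pattern guideline 5-3 describes, added here as an example; it is not part of the issue and is not taken from the guidelines. It uses `ObjectInputStream.readFields()` and the `GetField` object it returns; the `Range` class, its invariant and the tampering step in `main` are hypothetical and constructed for illustration.

```java
import java.io.*;

public class ReadFieldsExample {
    // Hypothetical class: the invariant is 0 <= low <= high and tag != null.
    static final class Range implements Serializable {
        private static final long serialVersionUID = 1L;
        private int low, high;
        private byte[] tag; // mutable, so it is copied on the way in

        Range(int low, int high, byte[] tag) {
            validate(low, high, tag);
            this.low = low; this.high = high; this.tag = tag.clone();
        }

        private static void validate(int low, int high, byte[] tag) {
            if (tag == null || low < 0 || low > high)
                throw new IllegalArgumentException("invalid Range");
        }

        // Same checks as the constructor. readFields() hands back the stream
        // values without assigning them, so nothing is stored until they pass.
        private void readObject(ObjectInputStream in)
                throws IOException, ClassNotFoundException {
            ObjectInputStream.GetField f = in.readFields();
            int low = f.get("low", 0);
            int high = f.get("high", 0);
            byte[] tag = (byte[]) f.get("tag", null);
            if (tag != null) tag = tag.clone(); // copy first, then validate the copy
            try {
                validate(low, high, tag);
            } catch (IllegalArgumentException e) {
                throw new InvalidObjectException(e.getMessage());
            }
            this.low = low; this.high = high; this.tag = tag;
        }
    }

    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) { out.writeObject(o); }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        Range bad = new Range(1, 5, new byte[] {7});
        bad.low = 99; // constructed: stands in for a stream whose bytes were altered
        try (ObjectInputStream in = new ObjectInputStream(
                new ByteArrayInputStream(serialize(bad)))) {
            in.readObject();
        } catch (InvalidObjectException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

With `defaultReadObject()` the fields would already hold the stream's values by the time any check ran; reading them through `GetField` keeps the object unassigned until validation succeeds.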