Add Arrays$ArrayList to trusted classes in Jackson serializer
Issue #3830
This commit is contained in:
committed by
Mahmoud Ben Hassine
parent
7e7d39da05
commit
58b2a7a26b
@@ -255,6 +255,7 @@ public class Jackson2ExecutionContextStringSerializer implements ExecutionContex
|
||||
static class TrustedTypeIdResolver implements TypeIdResolver {
|
||||
private static final Set<String> TRUSTED_CLASS_NAMES = Collections.unmodifiableSet(new HashSet(Arrays.asList(
|
||||
"java.util.ArrayList",
|
||||
"java.util.Arrays$ArrayList",
|
||||
"java.util.LinkedList",
|
||||
"java.util.Collections$EmptyList",
|
||||
"java.util.Collections$EmptyMap",
|
||||
|
||||
@@ -19,7 +19,9 @@ import java.io.ByteArrayInputStream;
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
import java.util.Arrays;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Locale;
|
||||
import java.util.Map;
|
||||
|
||||
@@ -162,4 +164,23 @@ public class Jackson2ExecutionContextStringSerializerTests extends AbstractExecu
|
||||
}
|
||||
|
||||
public static class UnmappedDomesticNumber extends UnmappedPhoneNumber{}
|
||||
|
||||
@Test
|
||||
public void arrayAsListSerializationTest() throws IOException {
|
||||
|
||||
Jackson2ExecutionContextStringSerializer j = new Jackson2ExecutionContextStringSerializer();
|
||||
Map<String, Object> context = new HashMap<>(1);
|
||||
context.put("Arrays.asList", Arrays.asList("foo", "bar"));
|
||||
|
||||
ByteArrayOutputStream os = new ByteArrayOutputStream();
|
||||
j.serialize(context, os);
|
||||
|
||||
InputStream in = new ByteArrayInputStream(os.toByteArray());
|
||||
|
||||
context = j.deserialize(in);
|
||||
|
||||
String[] expectedValue = { "foo", "bar" };
|
||||
List<String> deserializedValue = (List<String>) context.get("Arrays.asList");
|
||||
Assert.assertArrayEquals(expectedValue, deserializedValue.toArray(new String[0]));
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user