本文整理了Java中com.thoughtworks.xstream.XStream.addPermission()方法的一些代码示例,展示了XStream.addPermission()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。XStream.addPermission()方法的具体详情如下:
包路径:com.thoughtworks.xstream.XStream
类名称:XStream
方法名:addPermission
[英]Add a new security permission.
Permissions are evaluated in the added sequence. An instance of NoTypePermission or AnyTypePermission will implicitly wipe any existing permission.
[中]添加新的安全权限。
权限将按添加的顺序进行评估。NotTypePermission或AnyTypePermission的实例将隐式删除任何现有权限。
代码示例来源:origin: com.thoughtworks.xstream/xstream
protected void setupSecurity() {
if (securityMapper == null) {
return;
}
addPermission(AnyTypePermission.ANY);
securityInitialized = false;
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission denying another one.
*
* @param permission the permission to deny
* @since 1.4.7
*/
public void denyPermission(TypePermission permission) {
addPermission(new NoPermission(permission));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for explicit types.
*
* @param types the types to allow
* @since 1.4.7
*/
public void allowTypes(Class[] types) {
addPermission(new ExplicitTypePermission(types));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for explicit types by name.
*
* @param names the type names to allow
* @since 1.4.7
*/
public void allowTypes(String[] names) {
addPermission(new ExplicitTypePermission(names));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for a type hierarchy.
*
* @param type the base type to allow
* @since 1.4.7
*/
public void allowTypeHierarchy(Class type) {
addPermission(new TypeHierarchyPermission(type));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for types matching one of the specified regular expressions.
*
* @param regexps the regular expressions to allow type names
* @since 1.4.7
*/
public void allowTypesByRegExp(String[] regexps) {
addPermission(new RegExpTypePermission(regexps));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for types matching one of the specified regular expressions.
*
* @param regexps the regular expressions to allow type names
* @since 1.4.7
*/
public void allowTypesByRegExp(Pattern[] regexps) {
addPermission(new RegExpTypePermission(regexps));
}代码示例来源:origin: com.thoughtworks.xstream/xstream
/**
* Add security permission for types matching one of the specified wildcard patterns.
* <p>
* Supported are patterns with path expressions using dot as separator:
* </p>
* <ul>
* <li>?: one non-control character except separator, e.g. for 'java.net.Inet?Address'</li>
* <li>*: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'</li>
* <li>**: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'</li>
* </ul>
*
* @param patterns the patterns to allow type names
* @since 1.4.7
*/
public void allowTypesByWildcard(String[] patterns) {
addPermission(new WildcardTypePermission(patterns));
}代码示例来源:origin: javamelody/javamelody
static Object readFromXml(InputStream bufferedInput) throws IOException {
final XStream xstream = createXStream(false);
// see http://x-stream.github.io/security.html
// clear out existing permissions and set own ones
xstream.addPermission(NoTypePermission.NONE);
// allow some basics
xstream.addPermission(NullPermission.NULL);
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
xstream.allowTypesByWildcard(
new String[] { "java.lang.*", "java.util.*", "java.util.concurrent.*" });
// allow any type from the same package
xstream.allowTypesByWildcard(new String[] { PACKAGE_NAME + ".*" });
final InputStreamReader reader = new InputStreamReader(bufferedInput, XML_CHARSET_NAME);
try {
return xstream.fromXML(reader);
} finally {
reader.close();
}
}代码示例来源:origin: chanjarster/weixin-java-tools
public static XStream getInstance() {
XStream xstream = new XStream(new XppDriver() {
@Override
public HierarchicalStreamWriter createWriter(Writer out) {
return new PrettyPrintWriter(out, getNameCoder()) {
protected String PREFIX_CDATA = "<![CDATA[";
protected String SUFFIX_CDATA = "]]>";
protected String PREFIX_MEDIA_ID = "<MediaId>";
protected String SUFFIX_MEDIA_ID = "</MediaId>";
@Override
protected void writeText(QuickWriter writer, String text) {
if (text.startsWith(PREFIX_CDATA) && text.endsWith(SUFFIX_CDATA)) {
writer.write(text);
} else if (text.startsWith(PREFIX_MEDIA_ID) && text.endsWith(SUFFIX_MEDIA_ID)) {
writer.write(text);
} else {
super.writeText(writer, text);
}
}
};
}
});
xstream.ignoreUnknownElements();
xstream.setMode(XStream.NO_REFERENCES);
xstream.addPermission(NullPermission.NULL);
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
return xstream;
}代码示例来源:origin: kiegroup/jbpm
private XStream getXStream() {
XStream xstream = createXStream();
if (classLoader != null) {
xstream.setClassLoader(classLoader);
if (classLoader instanceof ProjectClassLoader ) {
Map<String, byte[]> store = ((ProjectClassLoader) classLoader).getStore();
if (store != null) {
String[] classes = store.keySet().stream()
.map( s -> s.replace( '/', '.' ) )
.map( s -> s.endsWith( ".class" ) ? s.substring( 0, s.length() - ".class".length() ) : s )
.toArray( String[]::new );
xstream.addPermission( new ExplicitTypePermission( classes ) );
}
}
}
return xstream;
}代码示例来源:origin: kiegroup/optaplanner
public XStreamSolutionFileIO(Class... xStreamAnnotatedClasses) {
xStream = new XStream();
xStream.setMode(XStream.ID_REFERENCES);
xStream.processAnnotations(xStreamAnnotatedClasses);
XStream.setupDefaultSecurity(xStream);
// Presume the XML file comes from a trusted source so it works out of the box. See class javadoc.
xStream.addPermission(new AnyTypePermission());
}代码示例来源:origin: com.thoughtworks.xstream/xstream
XStream.setupDefaultSecurity(outer);
for(int i = 0; i < permissions.length; ++i) {
outer.addPermission(permissions[i]);代码示例来源:origin: kiegroup/optaplanner
public static <T> T serializeAndDeserializeWithXStream(T input) {
XStream xStream = new XStream();
xStream.setMode(XStream.ID_REFERENCES);
if (input != null) {
xStream.processAnnotations(input.getClass());
}
XStream.setupDefaultSecurity(xStream);
xStream.addPermission(new AnyTypePermission());
String xmlString = xStream.toXML(input);
return (T) xStream.fromXML(xmlString);
}代码示例来源:origin: com.thoughtworks.xstream/xstream
xstream.addPermission(NoTypePermission.NONE);
xstream.addPermission(NullPermission.NULL);
xstream.addPermission(PrimitiveTypePermission.PRIMITIVES);
xstream.addPermission(ArrayTypePermission.ARRAYS);
xstream.addPermission(InterfaceTypePermission.INTERFACES);
xstream.allowTypeHierarchy(Calendar.class);
xstream.allowTypeHierarchy(Collection.class);代码示例来源:origin: x-stream/xstream
/**
* Add security permission for explicit types.
*
* @param types the types to allow
* @since 1.4.7
*/
public void allowTypes(final Class<?>... types) {
addPermission(new ExplicitTypePermission(types));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission denying another one.
*
* @param permission the permission to deny
* @since 1.4.7
*/
public void denyPermission(final TypePermission permission) {
addPermission(new NoPermission(permission));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission for a type hierarchy.
*
* @param type the base type to allow
* @since 1.4.7
*/
public void allowTypeHierarchy(final Class<?> type) {
addPermission(new TypeHierarchyPermission(type));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission for types matching one of the specified regular expressions.
*
* @param regexps the regular expressions to allow type names
* @since 1.4.7
*/
public void allowTypesByRegExp(final Pattern... regexps) {
addPermission(new RegExpTypePermission(regexps));
}代码示例来源:origin: x-stream/xstream
/**
* Add security permission for types matching one of the specified regular expressions.
*
* @param regexps the regular expressions to allow type names
* @since 1.4.7
*/
public void allowTypesByRegExp(final String... regexps) {
addPermission(new RegExpTypePermission(regexps));
}内容来源于网络,如有侵权,请联系作者删除!