private static object Deserialize(string xml, Type type, XmlDictionaryReaderQuotas quotas) { try { #if WINDOWS_PHONE StringReader stringReader = new StringReader(xml); using (var reader = XmlDictionaryReader.Create(stringReader)) { var serializer = new DataContractSerializer(type); return(serializer.ReadObject(reader)); } #else var bytes = Encoding.UTF8.GetBytes(xml); using (var reader = XmlDictionaryReader.CreateTextReader(bytes, quotas)) { var serializer = new DataContractSerializer(type); return(serializer.ReadObject(reader)); } #endif } catch (Exception ex) { throw new SerializationException("DeserializeDataContract: Error converting type: " + ex.Message, ex); } }
public void Deserialize(object o, Type rootType, object rootInstance, DataContractResolver resolver) { var deserializer = new DataContractSerializer(rootType, null, Int16.MaxValue, false, false, null, resolver); var reader = XmlDictionaryReader.Create(new StringReader(Serialized)); Deserialized = deserializer.ReadObject(reader); }
public void Deserialize(object o, Type rootType) { var deserializer = new DataContractSerializer(rootType); var reader = XmlDictionaryReader.Create(new StringReader(Serialized)); Deserialized = deserializer.ReadObject(reader); }
public override void WriteObjectContent(XmlDictionaryWriter writer, object graph) { writer.WriteStartElement("XMLSerializer"); string xml = WriteObject(graph); using (var ms = new MemoryStream(System.Text.Encoding.UTF8.GetBytes(xml))) { var settings = new System.Xml.XmlReaderSettings(); settings.IgnoreWhitespace = true; var w = XmlDictionaryReader.Create(ms, settings); writer.WriteNode(w, true); } writer.WriteEndElement(); }
private Message BuildMessage(string messageBody, Message originalMessage) { // change the message body //messageBodyString = messageBodyString.Replace("<HelloWorldResult>Hello World 1337</HelloWorldResult>", "<HelloWorldResult>Hello World HIJACKED!</HelloWorldResult>"); //messageBody. Encoding encoding = Encoding.UTF8; MemoryStream ms = new MemoryStream(encoding.GetBytes(messageBody)); var dictReader = XmlDictionaryReader.Create(ms); var message = System.ServiceModel.Channels.Message.CreateMessage(dictReader, int.MaxValue, originalMessage.Version); //message.Headers.CopyHeadersFrom(originalMessage); return(message); }
public static void SnippetReadFrom() { AddressHeader addressHeader1 = AddressHeader.CreateAddressHeader("specialservice1", "http://localhost:8000/service", 1); AddressHeader addressHeader2 = AddressHeader.CreateAddressHeader("specialservice2", "http://localhost:8000/service", 2); AddressHeader[] addressHeaders = new AddressHeader[2] { addressHeader1, addressHeader2 }; AddressHeaderCollection headers = new AddressHeaderCollection(addressHeaders); EndpointAddress endpointAddress = new EndpointAddress( new Uri("http://localhost:8003/servicemodelsamples/service/incode/identity"), addressHeaders); XmlDictionaryWriter writer = (XmlDictionaryWriter)XmlDictionaryWriter.Create("addressdata.xml"); endpointAddress.WriteTo(AddressingVersion.WSAddressing10, writer); writer.Close(); // <Snippet24> XmlDictionaryReader reader = (XmlDictionaryReader)XmlDictionaryReader.Create("addressdata.xml"); EndpointAddress createdEA = EndpointAddress.ReadFrom(reader); // </Snippet24> }
static void Method(string json, TypeNameHandling param) { //Unsafe 2 var data = JsonConvert.DeserializeObject <Model>(json, new JsonSerializerSettings { TypeNameHandling = TypeNameHandling.Objects }); var serializeSettings = new JsonSerializerSettings(); serializeSettings.TypeNameHandling = TypeNameHandling.All; serializeSettings.TypeNameHandling = (TypeNameHandling)2; serializeSettings = new JsonSerializerSettings { TypeNameHandling = param }; serializeSettings.TypeNameHandling = GetHandling(""); // Unsafe 5 BinaryMessageFormatter binaryMessage = new System.Messaging.BinaryMessageFormatter(); binaryMessage.Read(new Message()); // Unsafe 7 System.Web.UI.ObjectStateFormatter formatter = new System.Web.UI.ObjectStateFormatter(); formatter.Deserialize(""); formatter.Deserialize(new MemoryStream()); // Unsafe 8 XmlObjectSerializer xmlObjectSerializer = null; xmlObjectSerializer.ReadObject(new MemoryStream()); // Unsafe 11 DataContractJsonSerializer dataContractJsonSerializer = new DataContractJsonSerializer(typeof(InsecureDeserialize)); dataContractJsonSerializer.ReadObject(new MemoryStream()); dataContractJsonSerializer.ReadObject(XmlDictionaryReader.Create("")); dataContractJsonSerializer.ReadObject(XmlDictionaryReader.Create(""), false); dataContractJsonSerializer.ReadObject(XmlReader.Create("")); dataContractJsonSerializer.ReadObject(XmlReader.Create(""), false); // Unsafe 12 XmlSerializer xmlSerializer = new XmlSerializer(typeof(InsecureDeserialize)); xmlSerializer.Deserialize(new MemoryStream()); xmlSerializer.Deserialize(TextReader.Null); xmlSerializer.Deserialize(XmlReader.Create("")); xmlSerializer.Deserialize(XmlReader.Create(""), "\""); xmlSerializer.Deserialize(XmlReader.Create(""), new System.Xml.Serialization.XmlDeserializationEvents()); xmlSerializer.Deserialize(XmlReader.Create(""), "\"", new System.Xml.Serialization.XmlDeserializationEvents()); // Unsafe 13 System.Messaging.XmlMessageFormatter xmlMessageFormatter = new XmlMessageFormatter(); xmlMessageFormatter.Read(new System.Messaging.Message()); // Unsafe 14 System.Resources.ResourceReader resourceReader = new System.Resources.ResourceReader(""); resourceReader = new System.Resources.ResourceReader(new MemoryStream()); // Unsafe 15 fastJSON.JSON.ToObject(""); // Unsafe 16 ServiceStack.Text.JsonSerializer.DeserializeFromString("", typeof(InsecureDeserialize)); ServiceStack.Text.JsonSerializer.DeserializeFromReader(TextReader.Null, typeof(InsecureDeserialize)); ServiceStack.Text.JsonSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream()); ServiceStack.Text.TypeSerializer.DeserializeFromString("", typeof(InsecureDeserialize)); ServiceStack.Text.TypeSerializer.DeserializeFromReader(TextReader.Null, typeof(InsecureDeserialize)); ServiceStack.Text.TypeSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream()); ServiceStack.Text.CsvSerializer.DeserializeFromString(typeof(InsecureDeserialize), ""); ServiceStack.Text.CsvSerializer.DeserializeFromReader <InsecureDeserialize>(TextReader.Null); ServiceStack.Text.CsvSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream()); ServiceStack.Text.XmlSerializer.DeserializeFromString("", typeof(InsecureDeserialize)); ServiceStack.Text.XmlSerializer.DeserializeFromReader <InsecureDeserialize>(TextReader.Null); ServiceStack.Text.XmlSerializer.DeserializeFromStream(typeof(InsecureDeserialize), new MemoryStream()); }
/// <summary> /// Serialize the reply /// </summary> public Message SerializeReply(MessageVersion messageVersion, object[] parameters, object result) { try { // Outbound control var format = WebContentFormat.Raw; Message request = OperationContext.Current.RequestContext.RequestMessage; HttpRequestMessageProperty httpRequest = (HttpRequestMessageProperty)request.Properties[HttpRequestMessageProperty.Name]; string accepts = httpRequest.Headers[HttpRequestHeader.Accept], contentType = httpRequest.Headers[HttpRequestHeader.ContentType]; Message reply = null; // Result is serializable if (result?.GetType().GetCustomAttribute <XmlTypeAttribute>() != null || result?.GetType().GetCustomAttribute <JsonObjectAttribute>() != null) { // The request was in JSON or the accept is JSON if (accepts?.StartsWith("application/json") == true || contentType?.StartsWith("application/json") == true) { // Prepare the serializer JsonSerializer jsz = new JsonSerializer(); jsz.Converters.Add(new StringEnumConverter()); // Write json data byte[] body = null; using (MemoryStream ms = new MemoryStream()) using (StreamWriter sw = new StreamWriter(ms, Encoding.UTF8)) using (JsonWriter jsw = new JsonTextWriter(sw)) { jsz.DateFormatHandling = DateFormatHandling.IsoDateFormat; jsz.NullValueHandling = NullValueHandling.Ignore; jsz.ReferenceLoopHandling = ReferenceLoopHandling.Ignore; jsz.TypeNameHandling = TypeNameHandling.Auto; jsz.Converters.Add(new StringEnumConverter()); jsz.Serialize(jsw, result); sw.Flush(); body = ms.ToArray(); } // Prepare reply for the WCF pipeline format = WebContentFormat.Raw; contentType = "application/json"; reply = Message.CreateMessage(messageVersion, this.m_operationDescription?.Messages[1]?.Action, new RawBodyWriter(body)); } // The request was in XML and/or the accept is JSON else { if (!s_serializers.ContainsKey(result.GetType())) { throw new KeyNotFoundException($"{result.GetType().Name} serializer not found"); } XmlSerializer xsz = s_serializers[result.GetType()]; MemoryStream ms = new MemoryStream(); xsz.Serialize(ms, result); format = WebContentFormat.Xml; contentType = "application/xml"; ms.Seek(0, SeekOrigin.Begin); reply = Message.CreateMessage(messageVersion, this.m_operationDescription?.Messages[1]?.Action, XmlDictionaryReader.Create(ms)); } } else if (result is XmlSchema) { MemoryStream ms = new MemoryStream(); (result as XmlSchema).Write(ms); ms.Seek(0, SeekOrigin.Begin); format = WebContentFormat.Xml; contentType = "text/xml"; reply = Message.CreateMessage(messageVersion, this.m_operationDescription.Messages[1].Action, XmlDictionaryReader.Create(ms)); } else if (result is Stream) // TODO: This is messy, clean it up { contentType = "application/octet-stream"; reply = Message.CreateMessage(messageVersion, this.m_operationDescription.Messages[1].Action, new RawBodyWriter(result as Stream)); } else { reply = Message.CreateMessage(messageVersion, this.m_operationDescription.Messages[1].Action); } reply.Properties.Add(WebBodyFormatMessageProperty.Name, new WebBodyFormatMessageProperty(format)); //var responseProperty = (HttpResponseMessageProperty)OperationContext.Current.OutgoingMessageProperties[HttpResponseMessageProperty.Name]; //var responseProperty = new HttpResponseMessageProperty(); WebOperationContext.Current.OutgoingResponse.ContentType = contentType; WebOperationContext.Current.OutgoingResponse.Headers.Add("X-PoweredBy", String.Format("OpenIZ {0} ({1})", m_version, m_versionName)); WebOperationContext.Current.OutgoingResponse.Headers.Add("X-GeneratedOn", DateTime.Now.ToString("o")); //reply.Properties.Add(HttpResponseMessageProperty.Name, responseProperty); // TODO: Determine best way to clear current authentication context AuthenticationContext.Current = null; return(reply); } catch (Exception e) { this.m_traceSource.TraceEvent(TraceEventType.Error, e.HResult, e.ToString()); Message reply = null; new WcfErrorHandler().ProvideFault(e, messageVersion, ref reply); return(reply); } }
/// <summary> /// Serialize the reply /// </summary> public Message SerializeReply(MessageVersion messageVersion, object[] parameters, object result) { try { // Outbound control var format = WebContentFormat.Raw; Message request = OperationContext.Current.RequestContext.RequestMessage; HttpRequestMessageProperty httpRequest = (HttpRequestMessageProperty)request.Properties[HttpRequestMessageProperty.Name]; string accepts = httpRequest.Headers[HttpRequestHeader.Accept], contentType = httpRequest.Headers[HttpRequestHeader.ContentType], formatParm = httpRequest.QueryString; Message reply = null; // Result is serializable if (result?.GetType().GetCustomAttribute <XmlTypeAttribute>() != null || result?.GetType().GetCustomAttribute <JsonObjectAttribute>() != null) { XmlSerializer xsz = s_serializers[result.GetType()]; MemoryStream ms = new MemoryStream(); xsz.Serialize(ms, result); format = WebContentFormat.Xml; contentType = "application/xml+fhir"; ms.Seek(0, SeekOrigin.Begin); // The request was in JSON or the accept is JSON if (accepts?.StartsWith("application/json+fhir") == true || contentType?.StartsWith("application/json+fhir") == true || formatParm.Contains("_format=json")) { // Parse XML object Object fhirObject = null; using (StreamReader sr = new StreamReader(ms)) { String fhirContent = sr.ReadToEnd(); var parser = new FhirXmlParser(); parser.Settings.AllowUnrecognizedEnums = true; fhirObject = parser.Parse <Resource>(fhirContent); } // Now we serialize to JSON byte[] body = FhirSerializer.SerializeResourceToJsonBytes(fhirObject as Hl7.Fhir.Model.Resource); // Prepare reply for the WCF pipeline format = WebContentFormat.Raw; contentType = "application/json+fhir"; reply = Message.CreateMessage(messageVersion, this.m_operationDescription?.Messages[1]?.Action, new RawBodyWriter(body)); } // The request was in XML and/or the accept is JSON else { reply = Message.CreateMessage(messageVersion, this.m_operationDescription?.Messages[1]?.Action, XmlDictionaryReader.Create(ms)); } } else if (result is XmlSchema) { MemoryStream ms = new MemoryStream(); (result as XmlSchema).Write(ms); ms.Seek(0, SeekOrigin.Begin); format = WebContentFormat.Xml; contentType = "text/xml"; reply = Message.CreateMessage(messageVersion, this.m_operationDescription.Messages[1].Action, XmlDictionaryReader.Create(ms)); } else if (result is Stream) // TODO: This is messy, clean it up { reply = Message.CreateMessage(messageVersion, this.m_operationDescription.Messages[1].Action, new RawBodyWriter(result as Stream)); } reply.Properties.Add(WebBodyFormatMessageProperty.Name, new WebBodyFormatMessageProperty(format)); WebOperationContext.Current.OutgoingResponse.ContentType = contentType; WebOperationContext.Current.OutgoingResponse.Headers.Add("X-PoweredBy", String.Format("{0} v{1} ({2})", Assembly.GetEntryAssembly().GetName().Name, Assembly.GetEntryAssembly().GetName().Version, Assembly.GetEntryAssembly().GetCustomAttribute <AssemblyInformationalVersionAttribute>()?.InformationalVersion)); WebOperationContext.Current.OutgoingResponse.Headers.Add("X-GeneratedOn", DateTime.Now.ToString("o")); return(reply); } catch (Exception e) { this.m_traceSource.TraceEvent(TraceEventType.Error, e.HResult, e.ToString()); throw; } }