了解信息
看官网
http://x-stream.github.io/index.html
1 简单使用
安装
pom
<!-- https://mvnrepository.com/artifact/com.thoughtworks.xstream/xstream -->
<dependency>
<groupId>com.thoughtworks.xstream</groupId>
<artifactId>xstream</artifactId>
<version>1.4.2</version>
</dependency>
建一个用户类
public class User {
String name;
int id;
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
@Override
public String toString() {
return "Person{" +
"name='" + name + '\'' +
", id=" + id +
'}';
}
private void readObject(ObjectInputStream objectInputStream) throws IOException, ClassNotFoundException {
System.out.println("readObject is run!");
}
}
还要加tostring 和 readobject
序列化
User uu = (User) new XStream().fromXML(new File("./User.xml"));
System.out.println(uu.getId());
cve
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7285
https://www.yiibai.com/xstream/xstream_first_application.html
工作过程
反序列化
User uu = (User) new XStream().fromXML(new File("./User.xml"));
com/thoughtworks/xstream/XStream.java
unmarshal 套娃
public Object fromXML(File file) {
return unmarshal(hierarchicalStreamDriver.createReader(file), null);
}
public Object unmarshal(HierarchicalStreamReader reader, Object root) {
return unmarshal(reader, root, null);
}
public Object unmarshal(HierarchicalStreamReader reader, Object root, DataHolder dataHolder) {
try {
return marshallingStrategy.unmarshal(
root, reader, dataHolder, converterLookup, mapper);
} catch (ConversionException e) {
Package pkg = getClass().getPackage();
e.add("version", pkg != null ? pkg.getImplementationVersion() : "not available");
throw e;
}
}
reader对象
此时还未处理xml文