Explore >> Select a destination
|
You are here 
|
www.stackchief.com | ||
| | | | |
inside.java
|
|
| | | | | While the concept of serialization is quite simple, it often gets complicated very quickly given the various customizations that can be applied. For records we wanted to keep things as simple and straightforward as possible... | |
| | | | |
initialcommit.com
|
|
| | | | | SAX parser is yet another XML parser provided by JDK which parses documents in a more optimized and faster way. | |
| | | | |
y4y.space
|
|
| | | | | Preface I finally got my shit together and decided to sit down and learn Java deserialization. So, I decided it'd be the best way to learn by analyzing the PoCs online, and ysoserial just happens to be one. I will probably analyze all the CommonCollections gadgets first, then move onto the rests. This is how... | |
| | | | |
richardstartin.github.io
|
|
| | | The streams API has been around for a while now, and I'm a big fan of it. It allows for a clean declarative programming style, which permits various optimisations to occur, and keeps the pastafarians at bay. I also think the Stream is the perfect abstraction for data interchange across API boundaries. This is partly because a Stream is lazy, meaning you don't need to pay for consumption until you actually need to, and partly because a Stream can only be used once and there can be no ambiguity about ownership. If you supply a Stream to an API, you must expect that it has been used and so must discard it. This almost entirely eradicates defensive copies and can mean that no intermediate data structures need ever exist. Despite my enthusiasm for this abstractio... | ||
