Class WildcardTypePermission

java.lang.Object
com.thoughtworks.xstream.security.RegExpTypePermission
com.thoughtworks.xstream.security.WildcardTypePermission
All Implemented Interfaces:
TypePermission

public class WildcardTypePermission extends RegExpTypePermission
Permission for any type with a name matching one of the provided wildcard expressions.

Supported are patterns with path expressions using dot as separator:

  • ?: one non-control character except separator, e.g. for 'java.net.Inet?Address'
  • *: arbitrary number of non-control characters except separator, e.g. for types in a package like 'java.lang.*'
  • **: arbitrary number of non-control characters including separator, e.g. for types in a package and subpackages like 'java.lang.**'

The complete range of UTF-8 characters is supported except control characters.

Note: The wildcard pattern will not match by default anonymous types, since these classes are rarely used for serialization.

Since:
1.4.7
  • Constructor Details

    • WildcardTypePermission

      public WildcardTypePermission(String[] patterns)
      Create a WildcardTypePermission.

      The wildcard pattern will not match anonymous types.

      Parameters:
      patterns - Array of wildcard patterns for types
      Since:
      1.4.7
    • WildcardTypePermission

      public WildcardTypePermission(boolean allowAnonymous, String[] patterns)
      Create a WildcardTypePermission.
      Parameters:
      allowAnonymous - Flag to match also anonymous types with the wildcard
      patterns - Array of wildcard patterns for types
      Since:
      1.4.20
  • Method Details

    • getRegExpPatterns

      private static String[] getRegExpPatterns(String[] wildcards, boolean allowAnonymous)