From the course: Writing Secure Code in iOS by Infosec
Join today to access over 24,900 courses taught by industry experts.
Object deserialization
From the course: Writing Secure Code in iOS by Infosec
Object deserialization
- Let's now talk about object deserialization. So you serialize an object, then you deserialize it. But what does that mean? It means we can take an object and we can turn it into, we can convert it into a bitstream, which means we can store it on storage, put it in a database, put it in a file, transmit it across a network to a website. It's a way of representing an object as a stream. The stream can then be reconstructed, it can be deserialized back into a clone of the original object. The only thing is that it won't have any of its previously linked methods. Serialization formats could include JSON, XML, YAML, YAML Ain't Markup Language, one of those little cute acronyms. In Swift, there is something called Codeable. It is a Swift 4 library for serialization. It's actually made up of two protocols, encodeable and decodable. You can serialize and deserialize to and from JSON, property lists, and some other formats using codeable, using the Codeable API. It lets you leverage the…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
(Locked)
Understanding input risks14m 13s
-
(Locked)
Autocorrect and autofill10m 43s
-
(Locked)
Activity: Disabling autocorrection10m 53s
-
(Locked)
Special characters, part 114m 23s
-
Special characters, part 27m 28s
-
(Locked)
Format string attack, part 17m 58s
-
(Locked)
Format string attack, part 28m 38s
-
(Locked)
Format string attack, part 36m 49s
-
(Locked)
Activity: Playing with format strings9m 53s
-
(Locked)
Input sanitization12m 42s
-
(Locked)
Input sanitization techniques: Regular expressions, part 18m 18s
-
(Locked)
Input sanitization techniques: Regular expressions, part 26m 59s
-
(Locked)
Activity: Regular expressions, part 18m 17s
-
(Locked)
Activity: Regular expressions, part 26m 53s
-
(Locked)
Activity: Regular expressions, part 37m 31s
-
(Locked)
Activity: Sanitizing input, part 110m 44s
-
Activity: Sanitizing input, part 213m 45s
-
(Locked)
Property wrappers9m 27s
-
(Locked)
Activity: Trimming whitespace and newlines with a property wrapper6m 38s
-
(Locked)
Activity: Value clamping with a property wrapper6m 48s
-
(Locked)
Activity: Sanitizing input with a property wrapper7m 18s
-
(Locked)
Null bytes7m 27s
-
(Locked)
Cross-site attacks12m 8s
-
(Locked)
Activity: Exploring XSS attacks10m 10s
-
(Locked)
Code injection14m 51s
-
(Locked)
Activity: Filtering a malicious QR code, part 112m 11s
-
(Locked)
Activity: Filtering a malicious QR code, part 25m 31s
-
(Locked)
SQL injection, part 111m 4s
-
(Locked)
SQL injection, part 24m 13s
-
(Locked)
Object deserialization7m 20s
-
(Locked)
Activity: Installing Alamofire and SwiftyJSON pods3m 36s
-
(Locked)
Activity: Securely working with JSON, part 112m 49s
-
(Locked)
Activity: Securely working with JSON, part 29m 23s
-
WebView protection4m 48s
-
(Locked)
Activity: Protecting users against insecure UIWebView10m 44s
-
(Locked)
-
-
-
-
-
-