?????
org.apache.commons.io.serialization.ClassNameMatcher
??ClassNameMatcher????
???
??
This package provides a framework for controlling the deserialization of classes.
-
org.apache.commons.io.serialization?ClassNameMatcher???
??????????ValidatingObjectInputStream.accept
(ClassNameMatcher m) Accept class names where the supplied ClassNameMatcher matches for deserialization, unless they are otherwise rejected.ValidatingObjectInputStream.reject
(ClassNameMatcher m) Reject class names where the supplied ClassNameMatcher matches for deserialization, even if they are otherwise accepted.