Ajax.NET Professional (AjaxPro) Serialization and Deserialization Settings

Latest release v21.10.30.1 includes several new security features

Michael Schwarz on Tuesday, November 2, 2021
Labels

What's new in 2021? Yes, I have finally worked on some important settings for client-side security options. Please check out ajaxpro.info [1] for further details and latest source code.

Serialization settings

For security reasons, AjaxPro [1] does not allow serialization/deserialization of arbitrary .NET classes in its default settings. Serialization support for individual classes or namespaces can be enabled within the "web.config", using the jsonDeserializationCustomTypes setting:

<configuration>
	<ajaxNet>
		<ajaxSettings>
			<jsonDeserializationCustomTypes default="deny">
				<allow>MyOwnNamespace.*</allow>
			</jsonDeserializationCustomTypes>
		</ajaxSettings>
	</ajaxNet>
  ...
</configuration>