Aleksey Plekhanov created IGNITE-12962: ------------------------------------------
Summary: Blacklist and whitelist of classes allowed to deserialize via HTTP-REST should be supported Key: IGNITE-12962 URL: https://issues.apache.org/jira/browse/IGNITE-12962 Project: Ignite Issue Type: Improvement Components: rest Reporter: Aleksey Plekhanov Since we have the ability to deserialize custom objects (implemented by IGNITE-12857) we should have the ability to limit the scope of classes allowed to safe deserialization. There are already two system properties used for such purpose in Ignite: {code:java} /** Defines path to the file that contains list of classes allowed to safe deserialization.*/ public static final String IGNITE_MARSHALLER_WHITELIST = "IGNITE_MARSHALLER_WHITELIST"; /** Defines path to the file that contains list of classes disallowed to safe deserialization.*/ public static final String IGNITE_MARSHALLER_BLACKLIST = "IGNITE_MARSHALLER_BLACKLIST";{code} HTTP-REST should support these properties too. -- This message was sent by Atlassian Jira (v8.3.4#803005)