Hi
On 10/12/13 10:14, Jason Wang wrote:
Hi all,
I know you can easily protect your xml based ws from large array attacks by
setting up a
DepthRestrictingInterceptor<http://svn.apache.org/repos/asf/cxf/trunk/rt/core/src/main/java/org/apache/cxf/interceptor/security/DepthRestrictingStreamInterceptor.java>
.
I am wondering how to achieve the same thing if Json is chosen as well as
Jackson Json provider. As far as I can see there is no properties in
Jackson to set the max depth, unlike the CXF's default Json provider.
Please check Jackson archives or ask a question there, Jackson reader is
streaming so I think it can be easily amenable to supporting the depth
properties, sorry I'm not aware of any specific details
Cheers, Sergey
Cheers,
Jason
