"$type" , TypeNameHandling - TypeNameHandling.None - , . , "$type" .
"$type" TypeNameHandling = TypeNameHandling.None ( - ), :
// for security TypeNameHandling is required when deserializing
Stockholder newStockholder =
JsonConvert.DeserializeObject<Stockholder>(jsonTypeNameAuto, new JsonSerializerSettings
{
TypeNameHandling = TypeNameHandling.Auto
});
( , ) TypeNameHandling - TypeNameHandling.None ( , JsonPropertyAttribute.TypeNameHandling) . ( Json.NET, , . .
, JToken.Parse() ( - , JObject.Parse()), JsonSerializer.Deserialize<T>(), "$type" , JToken, JToken.Parse() . "$type" , JsonExtensions.RemoveTypeMetadata(this JToken root) , TypeNameHandling.All, .
, , TypeNameHandling.Arrays TypeNameHandling.All, JSON . , . IgnoreCollectionTypeConverter Json.NET / IgnoreArrayTypeConverter Json.NET $, .
, , TypeNameHandling , , TypeNameHandling, , JsonSerializerSettings Json.NET?.
, - TypeNameHandling, ISerializationBinder, , :
public class DisallowSerializationBindingBinder : ISerializationBinder
{
#region ISerializationBinder Members
public void BindToName(Type serializedType, out string assemblyName, out string typeName)
{
throw new JsonSerializationException("Binding of subtypes has been disabled");
}
public Type BindToType(string assemblyName, string typeName)
{
throw new JsonSerializationException("Binding of subtypes has been disabled");
}
#endregion
}
JsonSerializerSettings :
var settings = new JsonSerializerSettings
{
SerializationBinder = new DisallowSerializationBindingBinder(),
};
, json ( ), JsonSerializerSettings Json.NET MVC 4 Web API? ( ASP.NET Web API) JsonSerializerSettings Asp.Net Core ( asp.net).