.NET Core: Type serialization denied
This content has 4 years. Some of the information in this post may be out of date or no longer work. Please, read this page keeping its age in your mind.When trying to return with a complex object in .NET Core API, which has a Type property in it, the serializer gives the following exception : Passing Type, DataSet, DataTable through the JSON or XML serializer gives possibility to remote code execution for attackers. More information available at https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/dataset-datatable-dataview/security-guidance Workaround:Declare an enumeration for your types (ex: enum { string, int, etc }) you can parse the value for the requested type explicitly.
Hi, I am András,
I am a seasoned software engineer from Budapest, Hungary with a strong focus on mobile app development using .NET MAUI and Xamarin.Forms. My expertise also extends to website building for my happy customers and other complex system designing. I am passionate about developing well-organized, maintainable software solutions.