ObjectStateFormatter.Deserialize Method

Definition

Deserializes an object state graph from serialized form.

Overloads

Deserialize(Stream)

Deserializes an object state graph from its binary-serialized form that is contained in the specified Stream object.

Deserialize(String)

Deserializes an object state graph from its serialized base64-encoded string form.

Remarks

Important

Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.

Deserialize(Stream)

Deserializes an object state graph from its binary-serialized form that is contained in the specified Stream object.

public:
 System::Object ^ Deserialize(System::IO::Stream ^ inputStream);
public object Deserialize (System.IO.Stream inputStream);
member this.Deserialize : System.IO.Stream -> obj
Public Function Deserialize (inputStream As Stream) As Object

Parameters

inputStream
Stream

A Stream that the ObjectStateFormatter deserializes into an initialized object.

Returns

An object that represents a deserialized object state graph.

Exceptions

The specified inputStream is null.

An exception occurs during deserialization of the Stream. The exception message is appended to the message of the ArgumentException.

Examples

The following code example demonstrates how a class that derives from the PageStatePersister class initializes the ViewState collection. In this example, the ViewState collection has been assigned to the First field of a Pair object, and serialized to a file using the ObjectStateFormatter class. When the Load method is called, the Deserialize(Stream) method is used to deserialize view state from the file, and the ViewState property is initialized. This code example is part of a larger example provided for the PageStatePersister class.

//
// Load ViewState and ControlState.
//
public override void Load()
{
    Stream stateStream = GetSecureStream();

    // Read the state string, using the StateFormatter.
    StreamReader reader = new StreamReader(stateStream);

    IStateFormatter formatter = this.StateFormatter;
    string fileContents = reader.ReadToEnd();

    // Deserilize returns the Pair object that is serialized in
    // the Save method.
    Pair statePair = (Pair)formatter.Deserialize(fileContents);

    ViewState = statePair.First;
    ControlState = statePair.Second;
    reader.Close();
    stateStream.Close();
}
'
' Load ViewState and ControlState.
'
Public Overrides Sub Load()

    Dim stateStream As Stream
    stateStream = GetSecureStream()

    ' Read the state string, using the StateFormatter.
    Dim reader As New StreamReader(stateStream)

    Dim serializedStatePair As String
    serializedStatePair = reader.ReadToEnd
    Dim statePair As Pair

    Dim formatter As IStateFormatter
    formatter = Me.StateFormatter

    ' Deserilize returns the Pair object that is serialized in
    ' the Save method.      
    statePair = CType(formatter.Deserialize(serializedStatePair), Pair)

    ViewState = statePair.First
    ControlState = statePair.Second
    reader.Close()
    stateStream.Close()
End Sub

Remarks

Any object state graph that is serialized with the Serialize method can be deserialized with the Deserialize method. The Deserialize(Stream) method is used to restore an object state graph stored in a Stream, such as a FileStream.

Important

Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.

Applies to

Deserialize(String)

Deserializes an object state graph from its serialized base64-encoded string form.

public:
 System::Object ^ Deserialize(System::String ^ inputString);
public object Deserialize (string inputString);
member this.Deserialize : string -> obj
Public Function Deserialize (inputString As String) As Object

Parameters

inputString
String

A string that the ObjectStateFormatter deserializes into an initialized object.

Returns

An object that represents a deserialized object state graph.

Exceptions

The specified inputString is null or has a Length of 0.

The serialized data is invalid.

The machine authentication code (MAC) validation check that is performed when deserializing view state fails.

Examples

The following code example demonstrates how to implement a method that deserializes a base64-encoded string and returns an ICollection collection of property settings. This code example relies on the property settings having been serialized with the ObjectStateFormatter class, as shown in the Serialize(Object) method.

private ICollection LoadControlProperties (string serializedProperties) {

    ICollection controlProperties = null;

    // Create an ObjectStateFormatter to deserialize the properties.
    ObjectStateFormatter formatter = new ObjectStateFormatter();

    // Call the Deserialize method.
    controlProperties = (ArrayList) formatter.Deserialize(serializedProperties);

    return controlProperties;
}
Private Function LoadControlProperties(serializedProperties As String) As ICollection
   
   Dim controlProperties As ICollection = Nothing
   
   ' Create an ObjectStateFormatter to deserialize the properties.
   Dim formatter As New ObjectStateFormatter()
   
   ' Call the Deserialize method.
   controlProperties = CType(formatter.Deserialize(serializedProperties), ArrayList)
   
   Return controlProperties
End Function 'LoadControlProperties

Remarks

Any object state graph that is serialized with the Serialize method can be deserialized with the Deserialize method. The Deserialize(String) method is used to restore an object state graph stored in base64-encoded string form.

Important

Calling this method with untrusted data is a security risk. Call this method only with trusted data. For more information, see Validate All Inputs.

Applies to