Conventions: Deserialization
Use the methods described in this page to customize the conventions by which entities are deserialized as they are received by the client.
Deserialization
CustomizeJsonDeserializer
- The
JsonSerializerobject is used by the client to deserialize entities loaded from the server. - Use the
CustomizeJsonDeserializerconvention to modifyJsonSerializerby registering a deserialization customization action.
Conventions =
{
Serialization = new NewtonsoftJsonSerializationConventions
{
CustomizeJsonDeserializer = serializer => throw new CodeOmitted()
}
}
DeserializeEntityFromBlittable
- Use the
DeserializeEntityFromBlittableconvention to customize entity deserialization from a blittable JSON.
Conventions =
{
Serialization = new NewtonsoftJsonSerializationConventions
{
DeserializeEntityFromBlittable = (type, blittable) => throw new CodeOmitted()
}
}
PreserveDocumentPropertiesNotFoundOnModel
- Some document properties are not deserialized to an object.
- Set the
PreserveDocumentPropertiesNotFoundOnModelconvention totrueto preserve such properties when the document is saved. - Set the
PreserveDocumentPropertiesNotFoundOnModelconvention tofalseto remove such properties when the document is saved. - Default:
true
Conventions =
{
PreserveDocumentPropertiesNotFoundOnModel = true
}
DefaultRavenSerializationBinder
Use the DefaultRavenSerializationBinder convention and its methods to
prevent gadgets from running RCE (Remote Code Execution) attacks while
data is deserialized by the client.
Read about this security convention and maintaining deserialization security here.
Number Deserialization
- RavenDB client supports all common numeric value types (including
int,long,double,decimal, etc.) out of the box. - Note that although deserialization of
decimalsis fully supported, there are server side limitations to numbers in this range. - Other number types, like
BigInteger, must be handled using custom deserialization.