===============
libxstream-java
===============

-------------------------
Black list vs. white list
-------------------------

Cf. discussion/analysis at:

 * https://lists.debian.org/debian-lts/2021/06/msg00024.html
 * https://lists.debian.org/debian-lts/2021/06/msg00040.html

----------------------
Smoketest with libjsap
----------------------

This example directly loads a configuration file which really is an app-specific class serialized as XML using XStream:

::

 apt install libjsap-java
 apt source jsap
 cd jsap-2.1/
 cd src/java/
 javac -cp /usr/share/java/xstream.jar:/usr/share/java/jsap-2.1.jar com/martiansoftware/jsap/examples/Manual_HelloWorld_9.java
 cd com/martiansoftware/jsap/examples/
 java -cp /usr/share/java/xstream.jar:/usr/share/java/jsap-2.1.jar:../../../../ com.martiansoftware.jsap.examples.Manual_HelloWorld_9 -n 10 Testing


Other rdeps can be used for testing but are less direct to experiment with

----------------
Simple test file
----------------

With or without white list (commented out):

::

 import com.thoughtworks.xstream.XStream;
 import java.io.*;
 
 public class Basic {
     public static void main(String[] args) {
 	try {
 	    XStream xstream;
 
 	    xstream = new XStream();
	    Person joe = new Person("Joe", "Walnes");
 	    joe.setPhone(new PhoneNumber(123, "1234-456"));
 	    joe.setFax(new PhoneNumber(123, "9999-999"));
 	    String xmlout = xstream.toXML(joe);
 	    System.out.println(xmlout);
 
 	    InputStreamReader xmlin = new InputStreamReader(new FileInputStream(args[0]), "UTF-8");
 	    xstream = new XStream();
 	    //XStream.setupDefaultSecurity(xstream);
 	    //xstream.allowTypes(new Class[] {Person.class});
 	    xstream.alias("person", Person.class);
 	    xstream.alias("phonenumber", PhoneNumber.class);
 	    Person newJoe = (Person)xstream.fromXML(xmlin);
 	    System.out.println(newJoe);
 	    System.out.println(newJoe.phone.code);
 	} catch (IOException e) {
 	    System.out.println(e);
 	}
     }
 }
 
 public class Person {
   private String firstname;
   private String lastname;
   public PhoneNumber phone;
   private PhoneNumber fax;
   public Person(String firstname, String lastname) {
     this.firstname = firstname;
     this.lastname = lastname;
     this.phone = new PhoneNumber(1,"1");
     this.fax = new PhoneNumber(2,"2");
   }
   public void setPhone(PhoneNumber phone) {
     this.phone = phone;
   }
   public void setFax(PhoneNumber fax) {
     this.fax = fax;
   }
 }
 
 public class PhoneNumber {
   public int code;
   public String number;
   public PhoneNumber(int code, String number) {
       this.code = code;
       this.number = number;
   }
 }
 

::

 javac -cp /usr/share/java/xstream.jar Basic.java Person.java PhoneNumber.java 
 java -cp /usr/share/java/xstream.jar:. Basic basic/poc.xml 


| Copyright (C) 2021  Sylvain Beucler