projects / mono.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a763ff4)
[asp.net] Added encryption notes to ObjectStateFormatter.{Serialize,Deserialize}
authorMarek Habersack <grendel@twistedcode.net>
Tue, 26 Oct 2010 23:09:13 +0000 (01:09 +0200)
committerMarek Habersack <grendel@twistedcode.net>
Tue, 26 Oct 2010 23:09:13 +0000 (01:09 +0200)
mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs patch | blob | history

diff --git a/mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs b/mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs
index f4c6a6c7410a0992fc3c51ed5dbfea0ee1b33db5..7e530db72ea9fd9d6aaae1da7cb4e459fbe1c9c9 100644 (file)
--- a/mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs
+++ b/mcs/class/System.Web/System.Web.UI/ObjectStateFormatter.cs
@@ -87,6 +87,10 @@ namespace System.Web.UI
                        }
                }
 
                        }
                }
 
+               // There's no need to implement encryption support in this overload. Encryption is
+               // performed only when ObjectStateFormatter is created in the Page context, and that
+               // can happen only internally to System.Web. Since System.Web doesn't use this
+               // overload, the encryption code in here would be effectively dead.
                public object Deserialize (Stream inputStream)
                {
                        if (inputStream == null)
                public object Deserialize (Stream inputStream)
                {
                        if (inputStream == null)
@@ -152,7 +156,11 @@ namespace System.Web.UI
                        
                        return Convert.ToBase64String (data, 0, data.Length);
                }
                        
                        return Convert.ToBase64String (data, 0, data.Length);
                }
-               
+
+               // There's no need to implement encryption support in this overload. Encryption is
+               // performed only when ObjectStateFormatter is created in the Page context, and that
+               // can happen only internally to System.Web. Since System.Web doesn't use this
+               // overload, the encryption code in here would be effectively dead.
                public void Serialize (Stream outputStream, object stateGraph)
                {
                        if (outputStream == null)
                public void Serialize (Stream outputStream, object stateGraph)
                {
                        if (outputStream == null)
my mono mirror. check out Moved to http://github.com/mono/mono