Class ObjectDecoder

All Implemented Interfaces:
ChannelHandler, ChannelInboundHandler

@Deprecated public class ObjectDecoder extends LengthFieldBasedFrameDecoder
Deprecated.
This class has been deprecated with no replacement, because serialization can be a security liability
A decoder which deserializes the received ByteBufs into Java objects.

Please note that the serialized form this decoder expects is not compatible with the standard ObjectOutputStream. Please use ObjectEncoder or ObjectEncoderOutputStream to ensure the interoperability with this decoder.

Security: serialization can be a security liability, and should not be used without defining a list of classes that are allowed to be desirialized. Such a list can be specified with the jdk.serialFilter system property, for instance. See the serialization filtering article for more information.