From 649ac55f5fff809a12feba4a34acbe183746b24a Mon Sep 17 00:00:00 2001 From: Jim Manico Date: Wed, 6 Mar 2024 14:39:43 +0100 Subject: [PATCH] Update cheatsheets/DotNet_Security_Cheat_Sheet.md Co-authored-by: Shlomo Zalman Heigh --- cheatsheets/DotNet_Security_Cheat_Sheet.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cheatsheets/DotNet_Security_Cheat_Sheet.md b/cheatsheets/DotNet_Security_Cheat_Sheet.md index 699e48ae97..b68bff7517 100644 --- a/cheatsheets/DotNet_Security_Cheat_Sheet.md +++ b/cheatsheets/DotNet_Security_Cheat_Sheet.md @@ -795,7 +795,7 @@ DO: Perform integrity checks or validate digital signatures on serialized objects received from the network DO NOT: Use the BinaryFormatter type which is dangerous and [not recommended](https://learn.microsoft.com/en-us/dotnet/standard/serialization/binaryformatter-security-guide) for data processing. -NET offers several in-box serializers that can handle untrusted data safely: +.NET offers several in-box serializers that can handle untrusted data safely: - XmlSerializer and DataContractSerializer to serialize object graphs into and from XML. Do not confuse DataContractSerializer with NetDataContractSerializer. - BinaryReader and BinaryWriter for XML and JSON. - The System.Text.Json APIs to serialize object graphs into JSON.