src/java.base/share/classes/java/io/package-info.java
changeset 49438 879cf9f18688
parent 47216 71c04702a3d5
--- a/src/java.base/share/classes/java/io/package-info.java	Wed Mar 28 14:24:17 2018 +0100
+++ b/src/java.base/share/classes/java/io/package-info.java	Wed Mar 28 14:15:41 2018 -0400
@@ -31,19 +31,17 @@
  * method in any class or interface in this package will cause a
  * {@code NullPointerException} to be thrown.
  *
- * <h2>Package Specification</h2>
+ * <h2>Object Serialization</h2>
+ * <p><strong>Warning: Deserialization of untrusted data is inherently dangerous
+ * and should be avoided. Untrusted data should be carefully validated according to the
+ * "Serialization and Deserialization" section of the
+ * {@extLink secure_coding_guidelines_javase Secure Coding Guidelines for Java SE}.
+ * </strong></p>
  * <ul>
  *   <li><a href="{@docRoot}/../specs/serialization/index.html">
  *       Java Object Serialization Specification </a>
- * </ul>
- *
- * <h2>Related Documentation</h2>
- *
- * For overviews, tutorials, examples, guides, and tool documentation,
- * please see:
- * <ul>
- *     <li>{@extLink serialver_tool_reference The serialver tool}</li>
- *     <li>{@extLink serialization_guide Serialization Documentation}</li>
+ *   <li>{@extLink serialization_filter_guide Serial Filtering} best practices</li>
+ *   <li>{@extLink serialver_tool_reference The serialver tool}</li>
  * </ul>
  *
  * @since 1.0
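Review bot: the merged list under the new "Object Serialization" heading no longer carries the `{@extLink serialization_guide Serialization Documentation}` entry from the removed "Related Documentation" list, and nothing in the hunk replaces it. If the guide is still published, keep it as an additional `<li>`; otherwise state in the commit message that dropping it is intentional. In the warning paragraph, "should be avoided" followed directly by "should be carefully validated" reads as two competing instructions; phrasing the second sentence as the fallback for cases where untrusted input cannot be avoided would make the priority clear. The `Serial Filtering` link is the concrete mitigation a reader of the warning needs, so consider referencing it from the warning text itself rather than only from the list that follows.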