Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Newtonsoft.Json has already supported MaxDepth #25647

Closed
AngryBerryMS opened this issue Aug 16, 2021 · 0 comments · Fixed by #26730
Closed

Newtonsoft.Json has already supported MaxDepth #25647

AngryBerryMS opened this issue Aug 16, 2021 · 0 comments · Fixed by #26730
Assignees
@tdykstra
Labels
doc-enhancement Improve the current content [org][type][category] dotnet-fundamentals/svc Pri1 High priority, do before Pri2 and Pri3

Comments

@AngryBerryMS
Copy link
Member

AngryBerryMS commented Aug 16, 2021
edited by gewarren

Hi,

We noticed that there is an update needed here:

https://docs.microsoft.com/en-us/dotnet/standard/serialization/system-text-json-migrate-from-newtonsoft-how-to?pivots=dotnet-5-0#maximum-depth

image

Actually, Newtonsoft.Json has already limited the MaxDepth as 64 by default.

JamesNK/Newtonsoft.Json#2473

Hope you can update the article ASAP. And I think just suggesting users of Newtonsoft.Json to use the lastest version to avoid DoS is enough.

@herohua @live1206 @mingwli

Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
@dotnet-bot dotnet-bot added the ⌚ Not Triaged Not triaged label Aug 16, 2021
@gewarren gewarren added doc-enhancement Improve the current content [org][type][category] Pri1 High priority, do before Pri2 and Pri3 and removed Pri3 labels Oct 6, 2021
@dotnet-bot dotnet-bot removed the ⌚ Not Triaged Not triaged label Oct 7, 2021
@tdykstra tdykstra self-assigned this Oct 7, 2021
@tdykstra tdykstra mentioned this issue Oct 29, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tdykstra tdykstra

Labels
doc-enhancement Improve the current content [org][type][category] dotnet-fundamentals/svc Pri1 High priority, do before Pri2 and Pri3
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

System.Text.Json token size limits tdykstra/dotnet-docs
6 participants
@tdykstra @dotnet-bot @gewarren @PRMerger6 @PRMerger15 @AngryBerryMS