Persistent Dictionary: Secure Coding Support #604
Conversation
| - (BOOL)canStoreObject:(id)anObject { | ||
| for (Class supportedClass in self.supportedObjectTypes) { | ||
| if ([anObject isKindOfClass:supportedClass]) { | ||
| return YES; | ||
| } | ||
| } | ||
|
|
||
| return NO; | ||
| } |
There was a problem hiding this comment.
Do we need to check recursively in case of NSArray / NSDictionary?
There was a problem hiding this comment.
Reasoning behind that assertion is: ObjC doesn't really have Generics, but "Lightweight Generics".
You can set a __covariant type in the header file, but it's only for Swift bridging. So I tried to do something that, at least, would give you a warning.
In our specific use case, all of the dictionaries contain either Strings or Numbers (everything is generated by a single API), so no need to validate further).
Plus the serialization invocation itself would blow up, if you pass along a non NSSecureCoding compliant class.
Thank you for bringing that up!!
| /// Indicates if the stored `Supported Object Types` should be required to conform to NSCoding. Defaults to YES | ||
| /// | ||
| @property (nonatomic, assign, readwrite) BOOL requiringSecureCoding; | ||
|
|
There was a problem hiding this comment.
Is requiringSecureCoding only used for unit tests? Maybe it's good to mention it here.
There was a problem hiding this comment.
YES! Only for testing purposes, good call!!
|
Thank you @eshurakov !! |
Details:
In this PR we're patching up SPPersistentMutableDictionary so that it supports the new Secure Coding API.
@eshurakov May I bug you with this one as well?
Thank you!!
Closes #603
Note:
The flag
requiresSecureCoding(NSKeyedArchiver / NSKeyedUnarchiver), as per the documentation, will enforce that persisted / restored classes conform to NSSecureCoding.However, it does not allow us to turn On / Off encryption. For such reason, a migration is not necessary.
Plus: A new Unit Test has been added to verify that "Unsecure Archives" can be opened when this flag is On.
Testing: