摘要:
Any remoting system that relies on run-time type validation must deserialize a remote stream to begin using it, and malicious clients could use the moment of serialization or deserialization to the detriment of your application. To protect against such clients, .NET remoting provides two levels of automatic deserialization, Low and Full. Low is the default value, and enables most basic remoting functionality, such as automatic deserialization of remoting infrastructure types, and a limited set o 阅读全文