NSSecureCoding (via subclasses)

E820438

Objective-C protocol secure coding protocol

NSSecureCoding (via subclasses) is a secure coding protocol in Apple’s Foundation framework that ensures objects are safely encoded and decoded, preventing the creation of unexpected or malicious object types during archiving and serialization.

Try in SPARQL Jump to: Surface forms Statements Referenced by

Observed surface forms (1)

Surface form	Occurrences
NSSecureCoding	0

Statements (47)

Predicate	Object
instanceOf	Objective-C protocol ⓘ secure coding protocol ⓘ
appliesTo	Objective-C classes ⓘ Swift classes bridged to Objective-C ⓘ
bestPractice	use only with NSKeyedArchiver requiring secure coding ⓘ validate all decoded values ⓘ
category	application security ⓘ data serialization ⓘ
conformsTo	NSCoding NERFINISHED ⓘ
definedIn	Foundation framework NERFINISHED ⓘ
documentationURL	https://developer.apple.com/documentation/foundation/nssecurecoding ⓘ
enforcedBy	NSKeyedArchiver NERFINISHED ⓘ NSKeyedUnarchiver NERFINISHED ⓘ NSSecureUnarchiveFromDataTransformer NERFINISHED ⓘ
extends	NSCoding NERFINISHED ⓘ
introducedBy	Apple NERFINISHED ⓘ
keyRequirement	supportsSecureCoding must return YES ⓘ
language	Objective-C NERFINISHED ⓘ Swift (via Objective-C interoperability) NERFINISHED ⓘ
partOf	Foundation framework NERFINISHED ⓘ
platform	Apple platforms NERFINISHED ⓘ
primaryPurpose	mitigate object substitution attacks ⓘ prevent deserialization of unexpected object types ⓘ secure object encoding and decoding ⓘ
relatedTo	NSCoding NERFINISHED ⓘ NSKeyedArchiver NERFINISHED ⓘ NSKeyedUnarchiver NERFINISHED ⓘ
requires	NSKeyedUnarchiver to be configured with allowed classes ⓘ class to declare conformance in interface ⓘ implementation of secure decoding logic ⓘ
requiresMethod	+supportsSecureCoding ⓘ -encodeWithCoder: ⓘ -initWithCoder: ⓘ
securityProperty	helps prevent remote code execution via unarchiving ⓘ prevents decoding of arbitrary classes ⓘ requires explicit allowed classes during decoding ⓘ
usedFor	archiving ⓘ data persistence ⓘ interprocess communication ⓘ serialization ⓘ
usedIn	iOS NERFINISHED ⓘ macOS NERFINISHED ⓘ tvOS NERFINISHED ⓘ watchOS NERFINISHED ⓘ
usedWith	+[NSKeyedArchiver archivedDataWithRootObject:requiringSecureCoding:error:] ⓘ +[NSKeyedUnarchiver unarchivedObjectOfClass:fromData:error:] ⓘ +[NSKeyedUnarchiver unarchivedObjectOfClasses:fromData:error:] ⓘ

Referenced by (1)

Full triples — surface form annotated when it differs from this entity's canonical label.

NSCoder → conformsTo → NSSecureCoding (via subclasses) ⓘ