NSSecureCoding (via subclasses)
E820438
NSSecureCoding (via subclasses) is a secure coding protocol in Apple’s Foundation framework that ensures objects are safely encoded and decoded, preventing the creation of unexpected or malicious object types during archiving and serialization.
All labels observed (1)
| Label | Occurrences |
|---|---|
| NSSecureCoding (via subclasses) canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T9761812 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: NSSecureCoding (via subclasses) Context triple: [NSCoder, conformsTo, NSSecureCoding (via subclasses)]
-
A.
NSCoder
NSCoder is an abstract class in Apple’s Foundation framework that provides an interface for encoding and decoding objects and values for archiving and serialization.
-
B.
NSData
NSData is a fundamental Objective-C class in Apple’s Foundation framework that represents immutable raw binary data.
-
C.
NSObject
NSObject is the root base class in Objective-C from which most classes in Cocoa and Cocoa Touch inherit, providing fundamental object behavior such as memory management and message sending.
-
D.
Key-Value Observing
Key-Value Observing is an Objective-C and Swift mechanism that lets objects be notified and react when specific properties of other objects change.
-
E.
System.SerializableAttribute
System.SerializableAttribute is a C# attribute that marks a class or struct as capable of being serialized by the .NET runtime.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: NSSecureCoding (via subclasses) Target entity description: NSSecureCoding (via subclasses) is a secure coding protocol in Apple’s Foundation framework that ensures objects are safely encoded and decoded, preventing the creation of unexpected or malicious object types during archiving and serialization.
-
A.
NSCoder
NSCoder is an abstract class in Apple’s Foundation framework that provides an interface for encoding and decoding objects and values for archiving and serialization.
-
B.
NSData
NSData is a fundamental Objective-C class in Apple’s Foundation framework that represents immutable raw binary data.
-
C.
NSObject
NSObject is the root base class in Objective-C from which most classes in Cocoa and Cocoa Touch inherit, providing fundamental object behavior such as memory management and message sending.
-
D.
Key-Value Observing
Key-Value Observing is an Objective-C and Swift mechanism that lets objects be notified and react when specific properties of other objects change.
-
E.
System.SerializableAttribute
System.SerializableAttribute is a C# attribute that marks a class or struct as capable of being serialized by the .NET runtime.
- F. None of above. chosen
Statements (47)
| Predicate | Object |
|---|---|
| instanceOf |
Objective-C protocol
ⓘ
secure coding protocol ⓘ |
| appliesTo |
Objective-C classes
ⓘ
Swift classes bridged to Objective-C ⓘ |
| bestPractice |
use only with NSKeyedArchiver requiring secure coding
ⓘ
validate all decoded values ⓘ |
| category |
application security
ⓘ
data serialization ⓘ |
| conformsTo | NSCoding NERFINISHED ⓘ |
| definedIn | Foundation framework NERFINISHED ⓘ |
| documentationURL | https://developer.apple.com/documentation/foundation/nssecurecoding ⓘ |
| enforcedBy |
NSKeyedArchiver
NERFINISHED
ⓘ
NSKeyedUnarchiver NERFINISHED ⓘ NSSecureUnarchiveFromDataTransformer NERFINISHED ⓘ |
| extends | NSCoding NERFINISHED ⓘ |
| introducedBy | Apple NERFINISHED ⓘ |
| keyRequirement | supportsSecureCoding must return YES ⓘ |
| language |
Objective-C
NERFINISHED
ⓘ
Swift (via Objective-C interoperability) NERFINISHED ⓘ |
| partOf | Foundation framework NERFINISHED ⓘ |
| platform | Apple platforms NERFINISHED ⓘ |
| primaryPurpose |
mitigate object substitution attacks
ⓘ
prevent deserialization of unexpected object types ⓘ secure object encoding and decoding ⓘ |
| relatedTo |
NSCoding
NERFINISHED
ⓘ
NSKeyedArchiver NERFINISHED ⓘ NSKeyedUnarchiver NERFINISHED ⓘ |
| requires |
NSKeyedUnarchiver to be configured with allowed classes
ⓘ
class to declare conformance in interface ⓘ implementation of secure decoding logic ⓘ |
| requiresMethod |
+supportsSecureCoding
ⓘ
-encodeWithCoder: ⓘ -initWithCoder: ⓘ |
| securityProperty |
helps prevent remote code execution via unarchiving
ⓘ
prevents decoding of arbitrary classes ⓘ requires explicit allowed classes during decoding ⓘ |
| usedFor |
archiving
ⓘ
data persistence ⓘ interprocess communication ⓘ serialization ⓘ |
| usedIn |
iOS
NERFINISHED
ⓘ
macOS NERFINISHED ⓘ tvOS NERFINISHED ⓘ watchOS NERFINISHED ⓘ |
| usedWith |
+[NSKeyedArchiver archivedDataWithRootObject:requiringSecureCoding:error:]
ⓘ
+[NSKeyedUnarchiver unarchivedObjectOfClass:fromData:error:] ⓘ +[NSKeyedUnarchiver unarchivedObjectOfClasses:fromData:error:] ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: NSSecureCoding (via subclasses) Description of subject: NSSecureCoding (via subclasses) is a secure coding protocol in Apple’s Foundation framework that ensures objects are safely encoded and decoded, preventing the creation of unexpected or malicious object types during archiving and serialization.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.