java.lang.Object
- com.fasterxml.jackson.core.StreamReadConstraints

All Implemented Interfaces:

java.io.Serializable
```
public class StreamReadConstraints
extends java.lang.Object
implements java.io.Serializable
```
The constraints to use for streaming reads: used to guard against malicious input by preventing processing of "too big" input constructs (values, structures). Constraints are registered with TokenStreamFactory (such as JsonFactory); if nothing explicitly specified, default constraints are used.
Currently constrained aspects, with default settings, are:
- Maximum Number value length: default 1000 (see DEFAULT_MAX_NUM_LEN)
- Maximum String value length: default 20_000_000 (see DEFAULT_MAX_STRING_LEN)
- Maximum Property name length: default 50_000 (see DEFAULT_MAX_NAME_LEN)
- Maximum Nesting depth: default 1000 (see DEFAULT_MAX_DEPTH)
- Maximum Document length: default unlimited (coded as -1, (see DEFAULT_MAX_DOC_LEN)
Since:

2.15

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static class StreamReadConstraints.Builder

Field Summary

Fields
Modifier and Type	Field	Description
`static int`	`DEFAULT_MAX_DEPTH`	Default setting for maximum depth: see `StreamReadConstraints.Builder.maxNestingDepth(int)` for details.
`static long`	`DEFAULT_MAX_DOC_LEN`	Default setting for maximum document length: see `StreamReadConstraints.Builder.maxDocumentLength(long)` for details.
`static int`	`DEFAULT_MAX_NAME_LEN`	Default setting for maximum name length: see `StreamReadConstraints.Builder.maxNameLength(int)` for details.
`static int`	`DEFAULT_MAX_NUM_LEN`
`static int`	`DEFAULT_MAX_STRING_LEN`	Default setting for maximum string length: see `StreamReadConstraints.Builder.maxStringLength(int)` for details.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`static StreamReadConstraints.Builder`	`builder()`
`static StreamReadConstraints`	`defaults()`
`long`	`getMaxDocumentLength()`	Accessor for maximum document length.
`int`	`getMaxNameLength()`	Accessor for maximum length of names to decode.
`int`	`getMaxNestingDepth()`	Accessor for maximum depth.
`int`	`getMaxNumberLength()`	Accessor for maximum length of numbers to decode.
`int`	`getMaxStringLength()`	Accessor for maximum length of strings to decode.
`boolean`	`hasMaxDocumentLength()`	Convenience method, basically same as:
`static void`	`overrideDefaultStreamReadConstraints(StreamReadConstraints streamReadConstraints)`	Override the default StreamReadConstraints.
`StreamReadConstraints.Builder`	`rebuild()`
`void`	`validateBigIntegerScale(int scale)`	Convenience method that can be used to verify that a conversion to `BigInteger` `StreamConstraintsException` is thrown.
`void`	`validateDocumentLength(long len)`	Convenience method that can be used to verify that the document length does not exceed the maximum specified by this constraints object (if any): if it does, a `StreamConstraintsException` is thrown.
`void`	`validateFPLength(int length)`	Convenience method that can be used to verify that a floating-point number of specified length does not exceed maximum specified by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateIntegerLength(int length)`	Convenience method that can be used to verify that an integer number of specified length does not exceed maximum specific by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateNameLength(int length)`	Convenience method that can be used to verify that a name of specified length does not exceed maximum specific by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateNestingDepth(int depth)`	Convenience method that can be used to verify that the nesting depth does not exceed the maximum specified by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateStringLength(int length)`	Convenience method that can be used to verify that a String of specified length does not exceed maximum specific by this constraints object: if it does, a `StreamConstraintsException` is thrown.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_MAX_DEPTH
```
public static final int DEFAULT_MAX_DEPTH
```
    Default setting for maximum depth: see StreamReadConstraints.Builder.maxNestingDepth(int) for details.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_DOC_LEN
```
public static final long DEFAULT_MAX_DOC_LEN
```
    Default setting for maximum document length: see StreamReadConstraints.Builder.maxDocumentLength(long) for details.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_NUM_LEN
```
public static final int DEFAULT_MAX_NUM_LEN
```
    Since:
    
    2.16
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_STRING_LEN
```
public static final int DEFAULT_MAX_STRING_LEN
```
    Default setting for maximum string length: see StreamReadConstraints.Builder.maxStringLength(int) for details.
    NOTE: Jackson 2.15.0 initially used a lower setting (5_000_000).
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_NAME_LEN
```
public static final int DEFAULT_MAX_NAME_LEN
```
    Default setting for maximum name length: see StreamReadConstraints.Builder.maxNameLength(int) for details.
    
    Since:
    
    2.16
    
    See Also:
    
    Constant Field Values
- Method Detail
  - overrideDefaultStreamReadConstraints
```
public static void overrideDefaultStreamReadConstraints(StreamReadConstraints streamReadConstraints)
```
    Override the default StreamReadConstraints. These defaults are only used when JsonFactory instances are not configured with their own StreamReadConstraints.
    Library maintainers should not set this as it will affect other code that uses Jackson. Library maintainers who want to configure StreamReadConstraints for the Jackson usage within their lib should create ObjectMapper instances that have a JsonFactory instance with the required StreamReadConstraints.
    This method is meant for users delivering applications. If they use this, they set it when they start their application to avoid having other code initialize their mappers before the defaults are overridden.
    
    Parameters:
    
    streamReadConstraints - new default for StreamReadConstraints (a null value will reset to built-in default)
    
    Since:
    
    v2.15.2
    
    See Also:
    
    defaults(), builder()
  - builder
```
public static StreamReadConstraints.Builder builder()
```
  - defaults
```
public static StreamReadConstraints defaults()
```
    Returns:
    
    the default StreamReadConstraints (when none is set on the JsonFactory explicitly)
    
    See Also:
    
    overrideDefaultStreamReadConstraints(com.fasterxml.jackson.core.StreamReadConstraints)
  - rebuild
```
public StreamReadConstraints.Builder rebuild()
```
    Returns:
    
    New StreamReadConstraints.Builder initialized with settings of this constraints instance
  - getMaxNestingDepth
```
public int getMaxNestingDepth()
```
    Accessor for maximum depth. see StreamReadConstraints.Builder.maxNestingDepth(int) for details.
    
    Returns:
    
    Maximum allowed depth
  - getMaxDocumentLength
```
public long getMaxDocumentLength()
```
    Accessor for maximum document length. see StreamReadConstraints.Builder.maxDocumentLength(long) for details.
    
    Returns:
    
    Maximum allowed depth
  - hasMaxDocumentLength
```
public boolean hasMaxDocumentLength()
```
    Convenience method, basically same as:
    getMaxDocumentLength() > 0L
    Returns:
    
    True if this constraints instance has a limit for maximum document length to enforce; false otherwise.
  - getMaxNumberLength
```
public int getMaxNumberLength()
```
    Accessor for maximum length of numbers to decode. see StreamReadConstraints.Builder.maxNumberLength(int) for details.
    
    Returns:
    
    Maximum allowed number length
  - getMaxStringLength
```
public int getMaxStringLength()
```
    Accessor for maximum length of strings to decode. see StreamReadConstraints.Builder.maxStringLength(int) for details.
    
    Returns:
    
    Maximum allowed string length
  - getMaxNameLength
```
public int getMaxNameLength()
```
    Accessor for maximum length of names to decode. see StreamReadConstraints.Builder.maxNameLength(int) for details.
    
    Returns:
    
    Maximum allowed name length
  - validateNestingDepth
```
public void validateNestingDepth(int depth)
                          throws StreamConstraintsException
```
    Convenience method that can be used to verify that the nesting depth does not exceed the maximum specified by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    depth - count of unclosed objects and arrays
    
    Throws:
    
    StreamConstraintsException - If depth exceeds maximum
  - validateDocumentLength
```
public void validateDocumentLength(long len)
                            throws StreamConstraintsException
```
    Convenience method that can be used to verify that the document length does not exceed the maximum specified by this constraints object (if any): if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    len - Current length of processed document content
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
    
    Since:
    
    2.16
  - validateFPLength
```
public void validateFPLength(int length)
                      throws StreamConstraintsException
```
    Convenience method that can be used to verify that a floating-point number of specified length does not exceed maximum specified by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of number in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateIntegerLength
```
public void validateIntegerLength(int length)
                           throws StreamConstraintsException
```
    Convenience method that can be used to verify that an integer number of specified length does not exceed maximum specific by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of number in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateStringLength
```
public void validateStringLength(int length)
                          throws StreamConstraintsException
```
    Convenience method that can be used to verify that a String of specified length does not exceed maximum specific by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of string in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateNameLength
```
public void validateNameLength(int length)
                        throws StreamConstraintsException
```
    Convenience method that can be used to verify that a name of specified length does not exceed maximum specific by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of name in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateBigIntegerScale
```
public void validateBigIntegerScale(int scale)
                             throws StreamConstraintsException
```
    Convenience method that can be used to verify that a conversion to BigInteger StreamConstraintsException is thrown.
    
    Parameters:
    
    scale - Scale (possibly negative) of BigDecimal to convert
    
    Throws:
    
    StreamConstraintsException - If magnitude (absolute value) of scale exceeds maximum allowed

Class StreamReadConstraints

Nested Class Summary

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_MAX_DEPTH

DEFAULT_MAX_DOC_LEN

DEFAULT_MAX_NUM_LEN

DEFAULT_MAX_STRING_LEN

DEFAULT_MAX_NAME_LEN

Method Detail

overrideDefaultStreamReadConstraints

builder

defaults

rebuild

getMaxNestingDepth

getMaxDocumentLength

hasMaxDocumentLength

getMaxNumberLength

getMaxStringLength

getMaxNameLength

validateNestingDepth

validateDocumentLength

validateFPLength

validateIntegerLength

validateStringLength

validateNameLength

validateBigIntegerScale