java.lang.Object
- com.fasterxml.jackson.core.StreamReadConstraints

All Implemented Interfaces:

java.io.Serializable
```
public class StreamReadConstraints
extends java.lang.Object
implements java.io.Serializable
```
The constraints to use for streaming reads: used to guard against malicious input by preventing processing of "too big" input constructs (values, structures). Constraints are registered with TokenStreamFactory (such as JsonFactory); if nothing explicitly specified, default constraints are used.
Currently constrained aspects, with default settings, are:
- Maximum Number value length: default 1000 (see DEFAULT_MAX_NUM_LEN)
- Maximum String value length: default 20_000_000 (see DEFAULT_MAX_STRING_LEN)
- Maximum Nesting depth: default 1000 (see DEFAULT_MAX_DEPTH)
Since:

2.15

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type Class Description

static class StreamReadConstraints.Builder

Field Summary

Fields
Modifier and Type	Field	Description
`static int`	`DEFAULT_MAX_DEPTH`	Default setting for maximum depth: see `StreamReadConstraints.Builder.maxNestingDepth(int)` for details.
`static int`	`DEFAULT_MAX_NUM_LEN`	Default setting for maximum number length: see `StreamReadConstraints.Builder.maxNumberLength(int)` for details.
`static int`	`DEFAULT_MAX_STRING_LEN`	Default setting for maximum string length: see `StreamReadConstraints.Builder.maxStringLength(int)` for details.

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`static StreamReadConstraints.Builder`	`builder()`
`static StreamReadConstraints`	`defaults()`
`int`	`getMaxNestingDepth()`	Accessor for maximum depth.
`int`	`getMaxNumberLength()`	Accessor for maximum length of numbers to decode.
`int`	`getMaxStringLength()`	Accessor for maximum length of strings to decode.
`static void`	`overrideDefaultStreamReadConstraints(StreamReadConstraints streamReadConstraints)`	Override the default StreamReadConstraints.
`StreamReadConstraints.Builder`	`rebuild()`
`void`	`validateBigIntegerScale(int scale)`	Convenience method that can be used to verify that a conversion to `BigInteger` `StreamConstraintsException` is thrown.
`void`	`validateFPLength(int length)`	Convenience method that can be used to verify that a floating-point number of specified length does not exceed maximum specified by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateIntegerLength(int length)`	Convenience method that can be used to verify that an integer number of specified length does not exceed maximum specific by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateNestingDepth(int depth)`	Convenience method that can be used to verify that the nesting depth does not exceed the maximum specified by this constraints object: if it does, a `StreamConstraintsException` is thrown.
`void`	`validateStringLength(int length)`	Convenience method that can be used to verify that a String of specified length does not exceed maximum specific by this constraints object: if it does, a `StreamConstraintsException` is thrown.

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - DEFAULT_MAX_DEPTH
```
public static final int DEFAULT_MAX_DEPTH
```
    Default setting for maximum depth: see StreamReadConstraints.Builder.maxNestingDepth(int) for details.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_NUM_LEN
```
public static final int DEFAULT_MAX_NUM_LEN
```
    Default setting for maximum number length: see StreamReadConstraints.Builder.maxNumberLength(int) for details.
    
    See Also:
    
    Constant Field Values
  - DEFAULT_MAX_STRING_LEN
```
public static final int DEFAULT_MAX_STRING_LEN
```
    Default setting for maximum string length: see StreamReadConstraints.Builder.maxStringLength(int) for details.
    NOTE: Jackson 2.15.0 initially used a lower setting (5_000_000).
    
    See Also:
    
    Constant Field Values
- Method Detail
  - overrideDefaultStreamReadConstraints
```
public static void overrideDefaultStreamReadConstraints(StreamReadConstraints streamReadConstraints)
```
    Override the default StreamReadConstraints. These defaults are only used when JsonFactory instances are not configured with their own StreamReadConstraints.
    Library maintainers should not set this as it will affect other code that uses Jackson. Library maintainers who want to configure StreamReadConstraints for the Jackson usage within their lib should create ObjectMapper instances that have a JsonFactory instance with the required StreamReadConstraints.
    This method is meant for users delivering applications. If they use this, they set it when they start their application to avoid having other code initialize their mappers before the defaults are overridden.
    
    Parameters:
    
    streamReadConstraints - new default for StreamReadConstraints (a null value will reset to built-in default)
    
    Since:
    
    v2.15.2
    
    See Also:
    
    defaults(), builder()
  - builder
```
public static StreamReadConstraints.Builder builder()
```
  - defaults
```
public static StreamReadConstraints defaults()
```
    Returns:
    
    the default StreamReadConstraints (when none is set on the JsonFactory explicitly)
    
    See Also:
    
    overrideDefaultStreamReadConstraints(com.fasterxml.jackson.core.StreamReadConstraints)
  - rebuild
```
public StreamReadConstraints.Builder rebuild()
```
    Returns:
    
    New StreamReadConstraints.Builder initialized with settings of this constraints instance
  - getMaxNestingDepth
```
public int getMaxNestingDepth()
```
    Accessor for maximum depth. see StreamReadConstraints.Builder.maxNestingDepth(int) for details.
    
    Returns:
    
    Maximum allowed depth
  - getMaxNumberLength
```
public int getMaxNumberLength()
```
    Accessor for maximum length of numbers to decode. see StreamReadConstraints.Builder.maxNumberLength(int) for details.
    
    Returns:
    
    Maximum allowed number length
  - getMaxStringLength
```
public int getMaxStringLength()
```
    Accessor for maximum length of strings to decode. see StreamReadConstraints.Builder.maxStringLength(int) for details.
    
    Returns:
    
    Maximum allowed string length
  - validateNestingDepth
```
public void validateNestingDepth(int depth)
                          throws StreamConstraintsException
```
    Convenience method that can be used to verify that the nesting depth does not exceed the maximum specified by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    depth - count of unclosed objects and arrays
    
    Throws:
    
    StreamConstraintsException - If depth exceeds maximum
  - validateFPLength
```
public void validateFPLength(int length)
                      throws StreamConstraintsException
```
    Convenience method that can be used to verify that a floating-point number of specified length does not exceed maximum specified by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of number in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateIntegerLength
```
public void validateIntegerLength(int length)
                           throws StreamConstraintsException
```
    Convenience method that can be used to verify that an integer number of specified length does not exceed maximum specific by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of number in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateStringLength
```
public void validateStringLength(int length)
                          throws StreamConstraintsException
```
    Convenience method that can be used to verify that a String of specified length does not exceed maximum specific by this constraints object: if it does, a StreamConstraintsException is thrown.
    
    Parameters:
    
    length - Length of string in input units
    
    Throws:
    
    StreamConstraintsException - If length exceeds maximum
  - validateBigIntegerScale
```
public void validateBigIntegerScale(int scale)
                             throws StreamConstraintsException
```
    Convenience method that can be used to verify that a conversion to BigInteger StreamConstraintsException is thrown.
    
    Parameters:
    
    scale - Scale (possibly negative) of BigDecimal to convert
    
    Throws:
    
    StreamConstraintsException - If magnitude (absolute value) of scale exceeds maximum allowed

Class StreamReadConstraints

Nested Class Summary

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

DEFAULT_MAX_DEPTH

DEFAULT_MAX_NUM_LEN

DEFAULT_MAX_STRING_LEN

Method Detail

overrideDefaultStreamReadConstraints

builder

defaults

rebuild

getMaxNestingDepth

getMaxNumberLength

getMaxStringLength

validateNestingDepth

validateFPLength

validateIntegerLength

validateStringLength

validateBigIntegerScale