Serialization and XML
Pat Palmer
2.0
26-Jul-16
What is serialization?
“The process of converting an object (or a
graph of objects) into a linear sequence of
bytes for either storage or transmission to
another location.”
2
What is deserialization?
“The process of taking in stored information
and recreating objects from it.”

Wikipedia currently has a decent overview of
serialization

http://en.wikipedia.org/wiki/Serialization
3
how to deserialize badly


If a program is both the serializer and deserializer,
things are straightforward.
If a program receives a serialized file from another
company:

What does the program need to know to rebuild an
identical object in memory?



Text or binary format
 If binary, need to know everything
If text, what byte encoding?
If valid XML, we can at least read in the data
 But whether we know what to do with it is uncertain
4
some serialization formats






Binary
.csv
XML
SOAP
JSON
Protocol Buffers
5
uses of XML serialization format


saving program state (“settings”) between executions
sharing data between companies


Purchase orders, course enrollments, catalogs, news feeds, etc.
platform-independent Remote Procedure Calls (RPC’s)
 plain text passes through firewalls if attached to email




or sent as the payload of an HTTP request
human-readable and machine readable
both data and metadata (data about data), and thus selfdescribing
unrecognized elements can be ignored during deserialization
6
XML serialization: the bad

some folks object to using XML as the RPC
message format
 efficiency concerns



XML typically creates larger files than a binary, proprietary
format does
The larger the document, the longer it takes to transmit over a
network
privacy and security


inherently insecure because human readable
goes through firewalls
7
REpresentational State Transfer (REST)

HTTP GET requests (parameters in the URL) are RESTful

E.g., Google Charts API, HTML validator links, Amazon books


Also, a philosophy promoted in blogs with the following claims:




the URL’s get ugly, and are limited in length by browsers
every object that can be retrieved over a network should have a unique URL
that can be used to bookmark it
XML is too bulky for shipping over the network, if more concise “platform
independent” formats are available as alternatives
REST has been promoted by employees of Sun, Apple, and IBM,
while Microsoft strongly supported the XML standard and adopted
RPC using SOAP (a special version of XML)
Some REST drawbacks: no authentication scheme, no
transactions, no standardized error reporting mechanism, no formal
contract definitions
8
The End
I think part of a best friend's job should be to
immediately clear your computer history if you die.
-Anonymous
9