前言:传统的对象克隆在.net core5.0下已经不推荐了,微软给的解释是存在安全漏洞,其提供了几个替代类,其中就包括:XmlSerializer。
核心克隆代码:
/// <summary> /// 将一个实体对象的值复制到另一个对象 /// </summary> public static class ObjectExtensions { /// <summary> /// 对象克隆 /// </summary> /// <typeparam name="T"></typeparam> /// <param name="obj"></param> /// <returns></returns> public static T Clone<T>(this T obj) where T : class { T clone = default(T); //核心点1:BinaryFormatter在.net 5.0下存在安全漏洞已不推荐使用且报异常。 //参考链接:https://docs.microsoft.com/zh-cn/dotnet/standard/serialization/binaryformatter-security-guide //using (MemoryStream ms = new MemoryStream(1024)) //{ // BinaryFormatter binaryFormatter = new BinaryFormatter(null, new StreamingContext(StreamingContextStates.Clone)); // binaryFormatter.Serialize(ms, obj); // ms.Seek(0, SeekOrigin.Begin); // // 反序列化至另一个对象(即创建了一个原对象的深表副本) // clone = (T)binaryFormatter.Deserialize(ms); //} //核心点2:这里的XmlSerializer序列化器要使用实例obj的类型,不能直接使用类型T,否则会报异常(当obj实例为T类型的子类时,可重现该异常) //异常详细信息:"ClassName":"System.InvalidOperationException","Message":"There was an error generating the XML document.","Data":null,"InnerException":{"ClassName":"System.InvalidOperationException","Message":"The type MeShopPay.View.API.Models.ConfigModel.CallBackSettingPayPal was not expected. Use the XmlInclude or SoapInclude attribute to specify types that are not known statically." System.Xml.Serialization.XmlSerializer tXmlSerializer = new System.Xml.Serialization.XmlSerializer(typeof(T)); using (MemoryStream ms = new MemoryStream(1024)) { tXmlSerializer.Serialize(ms, obj); ms.Seek(0, SeekOrigin.Begin); // 反序列化至另一个对象(即创建了一个原对象的深表副本) clone = (T)tXmlSerializer.Deserialize(ms); } return clone; } }