Tagged articles

82 articles

Page 1 of 1

Mar 9, 2026 · Backend Development

Why a Single Log Line Triggered a FastJSON NullPointer – A Deep Dive into Java Serialization

The article recounts a production incident where adding a trivial log statement caused a FastJSON NullPointerException, then explains the underlying serialization mechanism, the role of ASM-generated serializers, the methods invoked during serialization, and provides best‑practice guidelines to avoid similar bugs.

ASMbackend-developmentfastjson

0 likes · 8 min read

Why a Single Log Line Triggered a FastJSON NullPointer – A Deep Dive into Java Serialization

Code Ape Tech Column

Jan 16, 2026 · Backend Development

Master JSONPath in Spring Boot: Simplify Complex JSON Extraction

JSONPath offers a concise, XPath‑like syntax for extracting data from complex JSON structures, and this guide shows how to integrate it into Spring Boot, compare FastJSON, Jackson, and Gson implementations, and provides practical code examples, advanced configurations, and selection advice for Java projects.

GsonJacksonJsonPath

0 likes · 13 min read

Master JSONPath in Spring Boot: Simplify Complex JSON Extraction

DeWu Technology

Oct 15, 2025 · Backend Development

Unlock Fastjson: Inside Its High‑Performance Serialization Engine

This article dissects Alibaba's Fastjson library, explaining its architecture, core modules, project structure, serialization and deserialization processes, ASM‑based performance optimizations, AutoType security mechanisms, and streaming API, while providing code examples and practical insights for Java developers.

Deserializationfastjsonjava

0 likes · 29 min read

Unlock Fastjson: Inside Its High‑Performance Serialization Engine

Architecture Digest

Sep 30, 2025 · Backend Development

Why Does FastJSON Call isChinaName() During Serialization? Deep Dive & Fix

This article investigates a NullPointerException caused by FastJSON invoking the isChinaName() method during serialization, explains the underlying JavaBeanSerializer mechanisms, demonstrates debugging steps with code examples, and provides best‑practice guidelines using @JSONField annotations to control serialization behavior.

JSONFieldJava serializationJavaBeanSerializer

0 likes · 7 min read

Why Does FastJSON Call isChinaName() During Serialization? Deep Dive & Fix

Code Ape Tech Column

Sep 26, 2025 · Backend Development

Why FastJSON Calls isChinaName() During Serialization and How to Fix It

An unexpected NullPointerException occurs when adding a simple log line to a Java DTO, revealing that FastJSON’s serialization process invokes methods like isChinaName(), getXxx(), and isXxx() via ASM-generated serializers, and the article explains the underlying mechanism, common pitfalls, and best‑practice annotations to avoid such bugs.

ASMannotationsfastjson

0 likes · 7 min read

Why FastJSON Calls isChinaName() During Serialization and How to Fix It

Code Ape Tech Column

Aug 28, 2025 · Backend Development

Why and How to Replace Fastjson with Gson in Large Java Projects

This article explains why fastjson is being abandoned due to frequent security vulnerabilities, compares fastjson, Jackson, and Gson, and provides practical migration strategies, code examples, performance considerations, and common pitfalls to help teams safely switch to Gson in enterprise Java applications.

Gsonfastjsonjson migration

0 likes · 18 min read

Why and How to Replace Fastjson with Gson in Large Java Projects

Sohu Smart Platform Tech Team

Aug 9, 2025 · Mobile Development

Why FastJson Crashes with Kotlin Data Classes and How to Fix It

This article examines the challenges of using FastJson, FastJson2, Gson, and Kotlinx-serialization to parse Kotlin data classes in Android, explains why crashes occur due to reflection and null-safety issues, and provides step-by-step solutions—including code modifications, ProGuard rules, and library alternatives—to achieve reliable JSON handling.

AndroidKotlinProGuard

0 likes · 20 min read

Why FastJson Crashes with Kotlin Data Classes and How to Fix It

macrozheng

Jul 5, 2025 · Backend Development

Why Adding a Simple Log Triggered FastJSON Serialization Errors – A Deep Dive

A recent deployment added a log line that caused FastJSON to invoke unexpected methods during serialization, leading to a NullPointerException; this article reconstructs the scenario, analyzes the FastJSON internals, and offers best‑practice annotations to prevent similar bugs.

Code reviewannotationsfastjson

0 likes · 7 min read

Why Adding a Simple Log Triggered FastJSON Serialization Errors – A Deep Dive

Java Captain

Apr 20, 2025 · Backend Development

Comprehensive Guide to JSON Conversion Using Fastjson in Java

This article provides a detailed tutorial on JSON fundamentals and demonstrates how to convert between Java objects, collections, maps, and JSON strings or objects using Alibaba's fastjson library, covering key‑value and array structures, code examples, and practical conversion scenarios.

BackendJSONdata serialization

0 likes · 11 min read

Comprehensive Guide to JSON Conversion Using Fastjson in Java

macrozheng

Mar 31, 2025 · Backend Development

Why Using isSuccess Can Break JSON Serialization in Java and How to Fix It

This article explains how different Java boolean naming conventions affect JSON serialization across fastjson, Gson, and Jackson, demonstrates the resulting inconsistencies with code examples, and recommends using a plain "success" field with an isSuccess getter to ensure reliable cross‑library behavior.

GsonJSONJackson

0 likes · 7 min read

Why Using isSuccess Can Break JSON Serialization in Java and How to Fix It

Java Backend Technology

Mar 13, 2025 · Backend Development

Why Does FastJSON Invoke isChinaName() During Serialization? Explore the Mechanics

This article analyzes a runtime NullPointerException caused by FastJSON serialization invoking the isChinaName() method, explains the underlying ASM-generated serializer, details how JavaBeanSerializer determines which getters and is‑methods are serialized, and proposes using @JSONField(serialize = false) to control the process.

ASMJSONFieldJava serialization

0 likes · 8 min read

Why Does FastJSON Invoke isChinaName() During Serialization? Explore the Mechanics

Code Ape Tech Column

Mar 8, 2025 · Information Security

Enterprise Data Desensitization Solutions Using MyBatis and Fastjson

The article explains why data desensitization is essential for enterprises, classifies common masking techniques, and provides concrete implementation guides for database, log, and output level masking in Java applications using MyBatis plugins and Fastjson filters, complete with sample code and configuration.

Backend SecurityMyBatisdata masking

0 likes · 12 min read

Enterprise Data Desensitization Solutions Using MyBatis and Fastjson

Alibaba Cloud Developer

Jan 21, 2025 · Backend Development

How a Misused {} Lambda Triggered a Massive FastJson Crash in a Kotlin‑Java Service

The author recounts a two‑day investigation of a widespread FastJson failure caused by a Kotlin lambda mistakenly assigned to an Object field, detailing the mixed‑language project background, the puzzling symptoms, step‑by‑step debugging, the root‑cause analysis, and the final resolution.

BackendKotlinLambda

0 likes · 11 min read

How a Misused {} Lambda Triggered a Massive FastJson Crash in a Kotlin‑Java Service

Java Tech Enthusiast

Jan 5, 2025 · Backend Development

Six Common JSON Parsing Methods in Java

Java developers can parse JSON using six popular approaches—Jackson for high‑performance, annotation‑driven serialization; Gson for a lightweight, easy‑to‑use API; FastJSON for speed; JsonPath for XPath‑style nested extraction; org.json for simple utility; or manual parsing for full control—each suited to different performance and complexity needs.

GsonJSONJackson

0 likes · 9 min read

Su San Talks Tech

Jan 2, 2025 · Backend Development

6 Best Java JSON Parsing Libraries Compared – Which One Fits Your Project?

This article compares six popular Java JSON parsing approaches—Jackson, Gson, FastJSON, JsonPath, org.json, and manual parsing—detailing their features, code samples, advanced options, and pros and cons to help developers choose the right tool for their projects.

GsonJSONJackson

0 likes · 12 min read

6 Best Java JSON Parsing Libraries Compared – Which One Fits Your Project?

Architect

Dec 23, 2024 · Information Security

How to Implement Enterprise Data Desensitization with MyBatis and Fastjson

This article explains why data desensitization is essential for modern enterprises, compares masking, obfuscation and encryption techniques, and provides step‑by‑step implementations for database, log, and output layers using MyBatis interceptors, Fastjson filters, and Spring MVC configuration.

MyBatisSpring MVCdata desensitization

0 likes · 13 min read

How to Implement Enterprise Data Desensitization with MyBatis and Fastjson

Architecture Digest

Oct 16, 2024 · Backend Development

Implementing Request and Response Encryption in Spring Boot with ControllerAdvice

This article walks through the design and implementation of symmetric request/response encryption for a Spring Boot API, covering requirement analysis, data models, custom ControllerAdvice for decryption and encryption, serialization challenges with FastJson and Jackson, and final configuration to keep encrypted payloads consistent across Android, iOS, and H5 clients.

ControllerAdviceJacksonSpring Boot

0 likes · 12 min read

Implementing Request and Response Encryption in Spring Boot with ControllerAdvice

Top Architect

Sep 5, 2024 · Backend Development

Fastjson DateFormat Priority and Circular Reference Issues: Debugging and Solutions

The article details a senior architect's investigation of Fastjson problems, including a date format priority bug that behaved differently on Windows and Linux due to an outdated library version, and a circular reference serialization issue resolved by disabling specific serializer features, while offering broader insights on version management and feature control.

CircularReferencedateformatfastjson

0 likes · 13 min read

Fastjson DateFormat Priority and Circular Reference Issues: Debugging and Solutions

Alibaba Cloud Developer

Aug 21, 2024 · Backend Development

Why a Single Log Line Crashed My Java Service: Fastjson Getter Pitfalls Explained

During a recent iteration, adding a simple log statement triggered a system exception because Fastjson automatically invoked a custom getter that returned null, leading to an NPE; the article details the root cause, the serialization process, and practical solutions to prevent similar issues.

Backendbugfastjson

0 likes · 11 min read

Why a Single Log Line Crashed My Java Service: Fastjson Getter Pitfalls Explained

Java Architect Essentials

Aug 18, 2024 · Backend Development

Why Fastjson’s Date Formatting Breaks on Linux and How to Resolve It

The author recounts switching from Gson to Fastjson, encountering a date‑formatting bug that only appears on Linux due to an outdated Fastjson version, explores a circular‑reference $ref issue, and shares debugging steps, GitHub issue references, and practical fixes for reliable JSON serialization.

BackendVersion Compatibilitydebugging

0 likes · 12 min read

Why Fastjson’s Date Formatting Breaks on Linux and How to Resolve It

Alibaba Cloud Developer

Jul 10, 2024 · Backend Development

How We Cut 1GB Memory Usage in Java with String.intern() and Custom Deserializers

Facing massive FullGC alarms due to an oversized in‑memory cache, we leveraged Java’s String.intern() via a custom fastjson deserializer and a rewritten HashMap to deduplicate low‑entropy strings, slashing heap usage by over 1 GB while preserving functionality.

Custom DeserializerHashMapMemory Optimization

0 likes · 7 min read

How We Cut 1GB Memory Usage in Java with String.intern() and Custom Deserializers

Su San Talks Tech

Jun 28, 2024 · Backend Development

Why FastJSON Throws an Illegal Identifier Error and How Escaping Saves You

The article walks through a puzzling JSON deserialization failure in a Java filter using FastJSON, compares it with Gson and Jackson, discovers that hidden escape characters cause the error, and shows how unescaping the string resolves the issue.

DeserializationGsonJSON

0 likes · 9 min read

Why FastJSON Throws an Illegal Identifier Error and How Escaping Saves You

Java High-Performance Architecture

May 24, 2024 · Backend Development

Fastjson Pitfalls: Date Formatting Glitch and Circular Reference Chaos Explained

The author recounts a debugging saga with Alibaba's Fastjson library, detailing how a global date‑format setting failed on Linux, how an outdated Fastjson version caused the issue, and how circular‑reference detection with $ref can surprise developers, offering practical solutions and version recommendations.

Date FormattingVersion Compatibilitycircular reference

0 likes · 11 min read

Fastjson Pitfalls: Date Formatting Glitch and Circular Reference Chaos Explained

Java Interview Crash Guide

May 9, 2024 · Backend Development

Why Does FastJSON Invoke isChinaName()? Uncovering Hidden Serialization Pitfalls

A seemingly harmless log addition triggered a cascade of FastJSON serialization calls, leading to a NullPointerException caused by the isChinaName() method, and the article walks through the debugging process, explains the underlying serialization mechanics, and proposes a clean solution using @JSONField(serialize=false).

JSONFieldJava serializationdebugging

0 likes · 8 min read

Why Does FastJSON Invoke isChinaName()? Uncovering Hidden Serialization Pitfalls

The Dominant Programmer

Apr 24, 2024 · Backend Development

How to Build a JSON DSL in Spring Boot with Jayway JsonPath

This tutorial demonstrates adding JsonPath to a Spring Boot project, using DSL‑style expressions to extract authors, titles, counts and filtered data from a sample JSON payload, and shows how to drive the extraction dynamically via configurable mappings with fastjson and hutool.

DSLJsonPathSpring Boot

0 likes · 7 min read

How to Build a JSON DSL in Spring Boot with Jayway JsonPath

macrozheng

Feb 22, 2024 · Backend Development

Why Using isSuccess Can Break JSON Serialization in Java

This article explains how different Java JSON libraries handle boolean getter naming, shows code examples of serialization results with fastjson, Gson, and Jackson, and recommends using a plain "success" field with an isSuccess() getter to avoid runtime bugs.

GsonJacksonJavaBeans

0 likes · 7 min read

Why Using isSuccess Can Break JSON Serialization in Java

The Dominant Programmer

Feb 19, 2024 · Backend Development

Using SpringBoot and Thread Pools for High‑Frequency HTTP Calls with Multithreaded JSON Parsing

This tutorial demonstrates how to configure a SpringBoot application to repeatedly call a third‑party HTTP API, parse the returned JSON with FastJSON, and process each data item concurrently using a fixed thread pool initialized in a scheduled task.

HTTPSpringBootfastjson

0 likes · 5 min read

Using SpringBoot and Thread Pools for High‑Frequency HTTP Calls with Multithreaded JSON Parsing

Architect

Feb 7, 2024 · Backend Development

How to Secure Spring MVC APIs with Request/Response Encryption Using ControllerAdvice

This article walks through a real‑world scenario of adding symmetric encryption to Spring MVC endpoints for Android, iOS and H5 clients, detailing the requirements, code implementation of request and response interceptors, serialization pitfalls with enums and LocalDateTime, and the final solution using Jackson's ObjectMapper to keep encrypted and non‑encrypted responses consistent.

API SecurityControllerAdviceJackson

0 likes · 17 min read

How to Secure Spring MVC APIs with Request/Response Encryption Using ControllerAdvice

Sohu Tech Products

Jan 24, 2024 · Mobile Development

How to Fix FastJson Parsing Errors in Kotlin Android Apps

This article analyzes why FastJson, Gson, and Kotlinx‑serialization encounter crashes or incorrect handling when parsing Kotlin data classes in Android, explains the root causes such as missing no‑arg constructors and null‑safety issues, and provides concrete code fixes, ProGuard rules, and a unified wrapper API for reliable JSON processing.

AndroidGsonKotlin

0 likes · 20 min read

How to Fix FastJson Parsing Errors in Kotlin Android Apps

Top Architecture Tech Stack

Nov 24, 2023 · Backend Development

Applying ASM Bytecode Manipulation in cglib and Fastjson

This article demonstrates how ASM is used to generate dynamic proxies with cglib and to create high‑performance JSON deserializers in Fastjson, providing code examples, explanation of the underlying bytecode generation, and practical tips for developers.

ASMDynamic Proxybytecode

0 likes · 8 min read

Applying ASM Bytecode Manipulation in cglib and Fastjson

Java Architect Essentials

Sep 14, 2023 · Backend Development

Understanding FastJson Serialization: Root Causes of NPE, Method Invocation Rules, and Best‑Practice Code Guidelines

This article reviews a production incident caused by a simple log statement, reconstructs the scenario with a CountryDTO example, analyzes FastJson's ASM‑based serializer internals, explains which getter/is methods are invoked during serialization, and proposes annotation‑driven coding standards to avoid similar bugs.

Code reviewJSONJava serialization

0 likes · 9 min read

Understanding FastJson Serialization: Root Causes of NPE, Method Invocation Rules, and Best‑Practice Code Guidelines

Architect's Tech Stack

Sep 5, 2023 · Backend Development

Understanding FastJSON JavaBean Serialization and Common Pitfalls

This article analyzes a Java serialization issue caused by FastJSON invoking a getter on a null field, explains the underlying ASM‑based serializer generation, and provides best‑practice code examples and annotations to prevent similar bugs in backend development.

JSONannotationsfastjson

0 likes · 8 min read

Understanding FastJSON JavaBean Serialization and Common Pitfalls

Rare Earth Juejin Tech Community

Aug 17, 2023 · Backend Development

Understanding Jackson vs Fastjson Serialization of Circular References and Global Exception Handling in Spring Boot

The article examines how Spring Boot handles circular reference serialization with Jackson and Fastjson, demonstrates the role of @ControllerAdvice for global exception capture, explains why Jackson may emit both 200 and 500 responses, and provides practical solutions using annotations and configuration.

BackendJacksonSpring Boot

0 likes · 18 min read

Understanding Jackson vs Fastjson Serialization of Circular References and Global Exception Handling in Spring Boot

Architect

Aug 11, 2023 · Backend Development

Why a Single Log Line Triggered a FastJSON NullPointerException – Deep Debugging Guide

The article walks through a real‑world FastJSON serialization failure caused by a newly added log statement, explains why FastJSON invokes certain getter methods during serialization, shows the ASM‑generated serializer internals, and proposes annotation‑based coding standards to avoid similar bugs.

ASMannotationsdebugging

0 likes · 9 min read

Why a Single Log Line Triggered a FastJSON NullPointerException – Deep Debugging Guide

Xiao Lou's Tech Notes

Aug 2, 2023 · Backend Development

Why Fastjson Breaks SpringBoot Agents and How to Resolve the ClassLoader Conflict

This article analyzes how adding Fastjson to a SpringBoot agent causes classloader conflicts that prevent GenericHttpMessageConverter from loading, explains the underlying parent‑delegation mechanism, and presents solutions such as using Maven Shade to rename packages or switching to a lightweight JSON library like Gson.

Dependency ConflictGsonSpringBoot

0 likes · 16 min read

Why Fastjson Breaks SpringBoot Agents and How to Resolve the ClassLoader Conflict

Code Ape Tech Column

Jul 19, 2023 · Backend Development

FastJson Issues: Date Format Priority, $ref Circular Reference, and Lessons Learned

The article recounts a developer's experience with FastJson, detailing a date‑format configuration bug caused by an outdated library version, a $ref circular‑reference serialization issue, the debugging steps taken, and broader observations about FastJson's maintenance and feature defaults.

backend debuggingcircular referencedate_format

0 likes · 10 min read

FastJson Issues: Date Format Priority, $ref Circular Reference, and Lessons Learned

Top Architect

Jul 18, 2023 · Backend Development

Fastjson Boolean Property Naming Issue and How to Resolve It

This article explains why Fastjson incorrectly renames boolean fields prefixed with "is" during serialization, demonstrates the problem with sample Java code, analyzes the underlying reflection logic, and provides two practical solutions: following Alibaba Java guidelines or using @JSONField annotations.

boolean namingfastjsonjava

0 likes · 9 min read

Fastjson Boolean Property Naming Issue and How to Resolve It

Alibaba Cloud Developer

Jun 13, 2023 · Backend Development

Why JSON Parsing Fails After Adding a Field: Java vs JavaScript Insights

During a workflow form update, adding a new JSON attribute caused front‑end errors; the article investigates how JavaScript and Java (fastjson) handle control characters differently, presents experiments, code snippets, and offers practical recommendations to avoid similar JSON parsing issues.

JSONJavaScriptfastjson

0 likes · 10 min read

Why JSON Parsing Fails After Adding a Field: Java vs JavaScript Insights

Top Architect

May 31, 2023 · Backend Development

FastJson Date Formatting and Circular Reference Issues: A Debugging Journey

The article recounts a senior architect's investigation into FastJson's date formatting bug and circular reference handling, detailing version mismatches, GitHub issue tracking, feature flag usage, and lessons for backend developers on avoiding hidden serialization pitfalls.

date_formatdebuggingfastjson

0 likes · 11 min read

FastJson Date Formatting and Circular Reference Issues: A Debugging Journey

Java Backend Technology

May 25, 2023 · Backend Development

Why FastJson’s Date Formatting Fails on Linux and How to Fix It

This article recounts the author's real‑world debugging of FastJson, covering unexpected date‑format priority issues on Linux, version mismatches, circular‑reference detection quirks, and practical tips such as disabling specific SerializerFeatures, while also reflecting on the library’s maintenance and migration to FastJson2.

circular referencedateformatfastjson

0 likes · 11 min read

Why FastJson’s Date Formatting Fails on Linux and How to Fix It

Java Architect Essentials

Apr 17, 2023 · Backend Development

Why a Single Log Line Triggered an NPE in FastJson Serialization – A Deep Dive

A seemingly harmless log addition caused a NullPointerException during FastJson serialization, prompting a step‑by‑step investigation of the generated ASM serializer, JavaBeanSerializer workflow, getter detection rules, and practical code‑style guidelines to avoid similar pitfalls.

ASMBackendJSON

0 likes · 9 min read

Why a Single Log Line Triggered an NPE in FastJson Serialization – A Deep Dive

Java Architect Essentials

Feb 22, 2023 · Backend Development

Pitfalls and Solutions for Converting Java Beans to Maps

This article examines common pitfalls when converting Java Beans to Map objects—such as type loss with JSON libraries and incorrect property name resolution in BeanMap utilities—and presents a robust solution using Dubbo's PojoUtils along with detailed code examples and analysis.

Bean to MapBeanUtilsDubbo

0 likes · 12 min read

Pitfalls and Solutions for Converting Java Beans to Maps

Java Architect Essentials

Feb 21, 2023 · Backend Development

Performance Benchmark of Common Java JSON Libraries Using JMH

This article benchmarks the serialization and deserialization performance of four popular Java JSON libraries—Gson, Fastjson, Jackson, and Json‑lib—using JMH, analyzes the results across different operation counts, and provides guidance on selecting the most suitable library for high‑performance applications.

GsonJMHJSON

0 likes · 11 min read

Performance Benchmark of Common Java JSON Libraries Using JMH

Code Ape Tech Column

Dec 21, 2022 · Backend Development

Migrating from Fastjson to Gson: Lessons Learned and Best Practices

This article documents a month‑long effort to replace Fastjson with Gson in Java projects, analyzing security vulnerabilities, comparing performance and features of Fastjson, Jackson, and Gson, and providing detailed migration steps, code examples, and pitfalls to avoid for large‑scale backend systems.

GsonJSONfastjson

0 likes · 21 min read

Migrating from Fastjson to Gson: Lessons Learned and Best Practices

dbaplus Community

Dec 5, 2022 · Backend Development

Why a Simple Log Caused FastJSON NPE: Inside JavaBeanSerializer Mechanics

The article recounts a production incident where adding a single log line caused a FastJSON NullPointerException, then reconstructs the scenario, analyzes the JavaBeanSerializer source code, presents serialization flowcharts, demonstrates example code with various @JSONField and @JSONType cases, and proposes coding standards to avoid similar serialization pitfalls.

JSONFieldJava serializationJavaBeanSerializer

0 likes · 9 min read

Why a Simple Log Caused FastJSON NPE: Inside JavaBeanSerializer Mechanics

Su San Talks Tech

Nov 14, 2022 · Backend Development

How to Secure Spring MVC APIs with Unified Request/Response Encryption

This article walks through implementing symmetric encryption for both request and response bodies in a Spring MVC project, covering requirement analysis, data model design, custom ControllerAdvice for decryption and encryption, serialization challenges with FastJson and Jackson, and final configuration to ensure consistent API output across Android, iOS, and H5 clients.

ControllerAdviceJacksonSpring MVC

0 likes · 14 min read

How to Secure Spring MVC APIs with Unified Request/Response Encryption

Java High-Performance Architecture

Nov 11, 2022 · Backend Development

Why a Single Log Triggered a FastJson Crash? Uncovering Java Bean Serialization

A seemingly harmless log addition caused a FastJson alarm, leading to a deep dive into Java bean serialization, ASM‑generated serializers, method invocation rules, and best‑practice guidelines for clean, framework‑agnostic JSON handling in backend development.

JSONfastjsonjava

0 likes · 8 min read

Why a Single Log Triggered a FastJson Crash? Uncovering Java Bean Serialization

Programmer DD

Nov 10, 2022 · Backend Development

Why Does FastJSON Invoke isChinaName() During Serialization? A Deep Dive

The article recounts a production incident caused by a simple log addition, then analyzes FastJSON’s serialization process, explaining why methods like isChinaName() are invoked, how ASM-generated serializers work, and offers best‑practice guidelines using @JSONField(serialize = false) to control serialization.

ASMJSONFieldbackend-development

0 likes · 9 min read

Why Does FastJSON Invoke isChinaName() During Serialization? A Deep Dive

Selected Java Interview Questions

Nov 4, 2022 · Backend Development

FastJSON Serialization Mechanism: Why isChinaName() Is Invoked and How to Control Method Inclusion

This article analyzes a FastJSON serialization issue caused by an unexpected call to isChinaName(), explains the underlying JavaBeanSerializer workflow, demonstrates how ASM-generated serializers work, and proposes coding conventions using @JSONField to prevent unwanted method execution during JSON conversion.

JSONFieldJava serializationbackend-development

0 likes · 8 min read

FastJSON Serialization Mechanism: Why isChinaName() Is Invoked and How to Control Method Inclusion

DaTaobao Tech

Jun 24, 2022 · Backend Development

Random Fastjson Deserialization Failure Caused by Constructor Order

The article explains that Fastjson sometimes throws a syntax‑error exception when deserializing a JSON list of StewardTipCategory objects because the JVM returns overloaded constructors in nondeterministic order, causing Fastjson to pick the wrong constructor; removing or renaming the ambiguous constructor fixes the issue.

BackendConstructorOrderDeserialization

0 likes · 12 min read

Random Fastjson Deserialization Failure Caused by Constructor Order

IT Services Circle

Jun 18, 2022 · Backend Development

Investigating an Intermittent Fastjson Generic Parsing Bug in a Java Backend

This article recounts a developer's step‑by‑step investigation of an intermittent Fastjson generic‑type parsing error in a Java backend, detailing the initial symptom, debugging process, code examples, discovery of Fastjson’s cached generic handling bug, and the resolution by upgrading to version 1.2.33.

JSONbugfastjson

0 likes · 10 min read

Investigating an Intermittent Fastjson Generic Parsing Bug in a Java Backend

Java Backend Technology

Jun 4, 2022 · Information Security

Critical Fastjson Vulnerability: How to Secure Your Java Apps Now

A newly discovered Fastjson vulnerability affecting versions up to 1.2.80 can bypass autoType restrictions, enabling remote attacks, and the advisory outlines the risk, affected versions, upgrade paths, safeMode hardening, the fastjson v2 migration, and none‑autotype alternatives to protect Java applications.

AutoTypeSafeModeVulnerability

0 likes · 5 min read

Critical Fastjson Vulnerability: How to Secure Your Java Apps Now

Java Architect Essentials

Jun 1, 2022 · Information Security

Fastjson 1.2.80 and Earlier Vulnerability: Risks, Affected Versions, and Upgrade Recommendations

Fastjson versions up to 1.2.80 contain a deserialization vulnerability that can bypass autoType restrictions, posing significant remote attack risk; users are advised to upgrade to the latest 1.2.83 release, enable safeMode or use the noneautotype builds, and consider migrating to Fastjson 2.0 for enhanced security.

Java SecurityLibrary UpgradeSafeMode

0 likes · 5 min read

Fastjson 1.2.80 and Earlier Vulnerability: Risks, Affected Versions, and Upgrade Recommendations

Programmer DD

May 25, 2022 · Information Security

Critical Fastjson Deserialization Flaw Fixed – What You Need to Know

Fastjson versions up to 1.2.80 contain a deserialization flaw that can bypass the default autoType restriction, but the issue is mitigated by safeMode; the Fastjson team has released patches, recommending upgrades to 1.2.83, enabling safeMode, or migrating to Fastjson v2 for enhanced security.

Java SecuritySafeModeVersion Upgrade

0 likes · 4 min read

Critical Fastjson Deserialization Flaw Fixed – What You Need to Know

Java Architecture Diary

May 24, 2022 · Information Security

Fastjson ≤1.2.80 Deserialization Flaw Enables Remote Code Execution – How to Protect Your Systems

A critical deserialization flaw in Fastjson versions up to 1.2.80 allows attackers to bypass autoType restrictions and achieve remote code execution, affecting Spring Cloud Alibaba Sentinel users, with mitigation steps and version-specific fixes detailed for both open‑source and commercial releases.

Remote Code ExecutionSecurity PatchSpring Cloud Alibaba Sentinel

0 likes · 2 min read

Fastjson ≤1.2.80 Deserialization Flaw Enables Remote Code Execution – How to Protect Your Systems

Sanyou's Java Diary

May 17, 2022 · Backend Development

Why Does Fastjson Occasionally Throw ‘Can Not Cast to String’? A Deep Dive into a Ghost Bug

This article chronicles a puzzling Fastjson bug that manifested intermittently in production, detailing the investigation steps, code examples, and the eventual discovery that an early Fastjson version mishandled generic type caching, which was fixed by upgrading the library.

Generic TypesJSONdebugging

0 likes · 11 min read

Why Does Fastjson Occasionally Throw ‘Can Not Cast to String’? A Deep Dive into a Ghost Bug

Programmer DD

May 14, 2022 · Backend Development

Fastjson 2.0.3 Unveiled: Record Support, GraalVM Native‑Image, and Enhanced JSONPath

On May 14 the open‑source Fastjson library launched version 2.0.3, adding better compatibility with its 1.x line, native support for JDK 14 records, GraalVM native‑image compatibility, an improved extension mechanism, stronger JSONPath capabilities, Jackson annotation compatibility, and faster deserialization for heavily escaped JSON data.

BackendJSONRecord

0 likes · 2 min read

Fastjson 2.0.3 Unveiled: Record Support, GraalVM Native‑Image, and Enhanced JSONPath

IT Services Circle

Mar 5, 2022 · Backend Development

Understanding Generic Type Erasure and Fastjson Deserialization with TypeReference in Java

This article explains how Java's generic type erasure affects Fastjson deserialization, demonstrates common mistakes, and shows the correct way to deserialize generic fields using Fastjson's TypeReference, while also revealing the inner workings of TypeReference through reflection and anonymous classes.

DeserializationGenericsTypeReference

0 likes · 9 min read

Understanding Generic Type Erasure and Fastjson Deserialization with TypeReference in Java

OPPO Amber Lab

Dec 23, 2021 · Information Security

How Java Deserialization Vulnerabilities Enable Remote Code Execution

This article explains Java's reflection mechanism, details how deserialization flaws in libraries like Apache Commons Collections and Fastjson allow attackers to craft malicious objects that trigger arbitrary command execution, and provides practical proof‑of‑concept steps and mitigation recommendations.

DeserializationExploitReflection

0 likes · 7 min read

How Java Deserialization Vulnerabilities Enable Remote Code Execution

FunTester

Oct 29, 2021 · Backend Development

Master Fastjson: Create, Modify, and Query JSON Objects in Java

This tutorial walks through using Fastjson to create, add, delete, retrieve, and manipulate JSON objects in Java, highlighting common pitfalls and showcasing advanced methods such as compute, computeIfAbsent, and custom iteration techniques.

JSONTutorialfastjson

0 likes · 4 min read

Master Fastjson: Create, Modify, and Query JSON Objects in Java

FunTester

Oct 28, 2021 · Backend Development

Adding Custom Methods to fastjson JSONObject Using Groovy MetaClass

This article demonstrates how to dynamically add custom methods to fastjson's JSONObject in Groovy by leveraging MetaClass and closures, providing code examples that simplify JSON traversal and output during API testing for developers.

DynamicMethodGroovyMetaclass

0 likes · 4 min read

Adding Custom Methods to fastjson JSONObject Using Groovy MetaClass

Programmer DD

Aug 24, 2021 · Information Security

Fastjson RCE Chains: JdbcRowSetImpl, TemplatesImpl, and BasicDataSource Exploits

This article analyzes three Fastjson deserialization exploit chains—JdbcRowSetImpl, TemplatesImpl, and BasicDataSource—detailing how crafted JSON payloads trigger JNDI lookups, load remote malicious bytecode, and ultimately achieve remote code execution without requiring special Fastjson features.

DeserializationJNDIRCE

0 likes · 13 min read

Fastjson RCE Chains: JdbcRowSetImpl, TemplatesImpl, and BasicDataSource Exploits

FunTester

Aug 6, 2021 · Backend Development

Understanding getInteger vs getIntValue in FastJSON and Fixing the isRight() Validation Bug

This article explains the difference between FastJSON's getInteger and getIntValue methods, analyzes a common validation bug in a custom isRight() implementation, and provides corrected code examples and optional global switches for robust response handling in Java backend projects.

APIBackendBugFix

0 likes · 6 min read

Understanding getInteger vs getIntValue in FastJSON and Fixing the isRight() Validation Bug

Senior Brother's Insights

Feb 22, 2021 · Backend Development

Why We’re Dropping Fastjson: A Deep Dive into Its API, Performance, and Security Risks

The article examines Fastjson’s features, demonstrates basic usage, compares it with other Java JSON libraries, and explains why the author decided to abandon Fastjson due to its lower popularity, design shortcomings, numerous open issues, and a history of serious AutoType vulnerabilities.

JSONLibrary comparisonfastjson

0 likes · 11 min read

Why We’re Dropping Fastjson: A Deep Dive into Its API, Performance, and Security Risks

Code Ape Tech Column

Jan 4, 2021 · Backend Development

Is FastJson Really Faster? Benchmark vs Jackson and Gson

This article evaluates Alibaba's FastJson library by comparing its parsing speed, Maven popularity, and issue count against Jackson and Gson, presenting benchmark results, highlighting a critical bug in timestamp handling, and concluding with a recommendation to prefer Jackson for most Java projects.

GsonJacksonJava performance

0 likes · 7 min read

Is FastJson Really Faster? Benchmark vs Jackson and Gson

Code Ape Tech Column

Dec 2, 2020 · Backend Development

FastJson: Performance, Popularity, and Issues – A Comparative Study with Jackson and Gson

This article examines Alibaba's FastJson library, comparing its parsing speed and popularity against Jackson and Gson, presents benchmark results, highlights code defects and unresolved issues, and concludes with recommendations for using Jackson over FastJson in Java backend projects.

GsonJacksonfastjson

0 likes · 7 min read

FastJson: Performance, Popularity, and Issues – A Comparative Study with Jackson and Gson

Top Architect

Nov 5, 2020 · Backend Development

How to Identify and Resolve Fastjson Feature.OrderedField NoSuchFieldError by Locating Conflicting JARs

This article explains why using fastjson's Feature.OrderedField caused a NoSuchFieldError during unit tests, demonstrates two methods—Maven dependency tree and runtime class location—to pinpoint the conflicting JAR, and shows how switching to Gson resolved the issue.

BackendReflectionfastjson

0 likes · 4 min read

How to Identify and Resolve Fastjson Feature.OrderedField NoSuchFieldError by Locating Conflicting JARs

Programmer DD

Oct 29, 2020 · Backend Development

Is FastJson Really Faster? Performance, Popularity, and Why You Might Drop It

This article examines Alibaba's FastJson library, benchmarking its speed against Jackson and Gson, analyzing its limited adoption, exposing unresolved issues, and ultimately recommending a shift to more widely supported JSON parsers for Java projects.

GsonJacksonLibrary comparison

0 likes · 5 min read

Is FastJson Really Faster? Performance, Popularity, and Why You Might Drop It

FunTester

Oct 9, 2020 · Backend Development

Why Does My Groovy Object’s toString Return Empty? A Debugging Tale

The article explains a puzzling bug where a Groovy‑created object's toString becomes empty after fastjson serialization, traces the issue to Java access modifiers, demonstrates the problem with sample code and console output, and resolves it by adding a public modifier.

Access ModifiersGroovydebugging

0 likes · 3 min read

Why Does My Groovy Object’s toString Return Empty? A Debugging Tale

Full-Stack Internet Architecture

Sep 27, 2020 · Backend Development

Spring Boot JSON Handling: Default Jackson, FastJson, and Unified Response Structure

This tutorial explains how Spring Boot returns JSON using the default Jackson library, compares it with Alibaba's FastJson, demonstrates handling of null values, and shows how to encapsulate responses in a unified structure with status codes and messages for backend development.

JSONJacksonREST API

0 likes · 12 min read

Spring Boot JSON Handling: Default Jackson, FastJson, and Unified Response Structure

macrozheng

Jul 13, 2020 · Information Security

Why Fastjson’s AutoType Is a Security Nightmare—and How to Fix It

This article examines Fastjson’s AutoType feature, explains how its design leads to serious deserialization vulnerabilities across multiple versions, demonstrates exploit techniques using crafted @type payloads, and provides practical mitigation steps such as enabling safeMode and upgrading to the latest release.

AutoTypeDeserializationfastjson

0 likes · 17 min read

Why Fastjson’s AutoType Is a Security Nightmare—and How to Fix It

Java Backend Technology

Jun 6, 2020 · Backend Development

Is FastJson Really Faster? Benchmark vs Jackson and Gson

This article examines FastJson’s claim of speed by benchmarking it against Jackson and Gson, analyzes test results, discusses its popularity, highlights critical bugs in its timestamp handling, and ultimately recommends abandoning FastJson in favor of more widely adopted JSON libraries.

GsonJacksonfastjson

0 likes · 8 min read

FunTester

Jun 1, 2020 · Information Security

Fastjson <=1.2.68 Remote Code Execution Vulnerability and Mitigation Recommendations

Tencent Cloud Security reports that Fastjson versions up to 1.2.68 contain a high‑risk remote code execution vulnerability exploitable via the autotype feature, allowing attackers to gain server system privileges, and recommends immediate updates, enabling SafeMode, or replacing the library with alternatives such as Jackson‑databind or Gson.

Remote Code ExecutionSafeModeSecurity Vulnerability

0 likes · 3 min read

Fastjson <=1.2.68 Remote Code Execution Vulnerability and Mitigation Recommendations

Architecture Digest

May 31, 2020 · Information Security

Fastjson Remote Code Execution Vulnerability – Background, Risk, Affected Versions, and Mitigation

The article details the high‑severity Fastjson remote code execution vulnerability discovered on May 28 2020, describing its background, risk assessment, affected versions (≤ 1.2.68), recommended temporary mitigation using SafeMode, a timeline of events, and reference links for further information.

RCEfastjsonpatch

0 likes · 3 min read

Fastjson Remote Code Execution Vulnerability – Background, Risk, Affected Versions, and Mitigation

Programmer DD

May 30, 2020 · Information Security

Critical Fastjson RCE Vulnerability (≤1.2.68): Risks, Impact, and Fixes

On May 28, 2020, 360CERT reported a high‑severity remote code execution flaw in Alibaba’s Fastjson library (versions ≤1.2.68) that bypasses autotype restrictions, affecting many assets, and provided temporary mitigation steps and upgrade recommendations to safeguard systems.

CVERemote Code ExecutionSecurity Advisory

0 likes · 3 min read

Critical Fastjson RCE Vulnerability (≤1.2.68): Risks, Impact, and Fixes

Architect's Tech Stack

May 28, 2020 · Backend Development

FastJson: What It Is, Performance Comparison, Popularity Issues, and Why to Abandon It

The article introduces Alibaba's FastJson library, presents a benchmark showing it is only modestly faster than Jackson, discusses its limited popularity and numerous unresolved issues, and concludes that projects should prefer Jackson and gradually drop FastJson in favor of more reliable JSON parsers.

GsonJacksonfastjson

0 likes · 7 min read

FastJson: What It Is, Performance Comparison, Popularity Issues, and Why to Abandon It

Top Architect

May 6, 2020 · Backend Development

FastJson: Speed Claims, Popularity, and Why It Should Be Abandoned

The article examines Alibaba's FastJson library, presenting performance tests against Jackson and Gson, revealing modest speed gains, low adoption in Maven, numerous unresolved issues, and ultimately recommending developers switch to Jackson for JSON processing in Java projects.

GsonJSONJackson

0 likes · 5 min read

FastJson: Speed Claims, Popularity, and Why It Should Be Abandoned

Programmer DD

Apr 1, 2020 · Backend Development

What’s New in fastjson 1.2.68? Security Enhancements, GeoJSON Support, and Bug Fixes

fastjson 1.2.68 introduces a safeMode configuration that disables autoType, adds an autoType blacklist, supports GeoJSON, and fixes several bugs including JSONObject conversion issues, jsonpath .max/.min handling, and Map.Entry generics, while providing detailed release notes for developers.

GeoJSONJSONbug fix

0 likes · 3 min read

What’s New in fastjson 1.2.68? Security Enhancements, GeoJSON Support, and Bug Fixes

Programmer DD

Mar 4, 2020 · Backend Development

Fastjson 1.2.66 Released: Security Hardening and Extensive Bug Fixes

Fastjson 1.2.66, a maintenance release, introduces security hardening, an AutoType blacklist, and a series of bug fixes ranging from BeanToArray errors to Kotlin generic handling, while also adding support for Queue deserialization and enhanced date parsing.

Bug FixesJSONfastjson

0 likes · 3 min read

Fastjson 1.2.66 Released: Security Hardening and Extensive Bug Fixes

Programmer DD

Nov 27, 2019 · Backend Development

Master Fastjson: Fast Java JSON Parsing and Serialization Guide

This article introduces JSON basics, explains the Fastjson library from Alibaba, outlines its key features, and provides practical Java code examples for parsing, serializing, and converting between JSON strings, objects, arrays, maps, lists, and beans using Fastjson’s API.

DeserializationJSONfastjson

0 likes · 6 min read

Master Fastjson: Fast Java JSON Parsing and Serialization Guide

Java Captain

Jun 27, 2019 · Backend Development

Performance Benchmark of Common Java JSON Libraries Using JMH

Using JMH, this article benchmarks the serialization and deserialization performance of four popular Java JSON libraries—Gson, Fastjson, Jackson, and Json-lib—by testing various scenarios with a complex Person model, analyzing results, and providing guidance on selecting the most suitable library for high‑performance applications.

GsonJMHJSON

0 likes · 13 min read

360 Quality & Efficiency

Mar 28, 2018 · Backend Development

Using JSONPath with Fastjson in Java: Introduction, Usage, and Example

JSONPath, analogous to XPath for XML, enables efficient querying of JSON data; this article introduces its concepts, demonstrates how to integrate Fastjson's JSONPath in Java, provides syntax examples, and showcases a simple code demonstration with expected output.

Data QueryJsonPathTutorial

0 likes · 3 min read

Using JSONPath with Fastjson in Java: Introduction, Usage, and Example