NServiceBus takes instances of .NET objects (messages, events, and commands) and sends/receives them over a specified transport. As part of this process, the object must be serialized and deserialized. NServiceBus achieves this using serializers.
The Newtonsoft JSON Serializer provides an effective general-purpose serializer appropriate for most use cases based on the ubiquitous Json.NET package. The Newtonsoft package provides a good combination of compactness, human readability, and performance. Other serializers are supported in order to enable specific performance or integration requirements.
A serializer can be configured using the
endpointConfiguration. API. Refer to the dedicated documentation pages for each available serializer for more information about the specific configuration.
The default serializer used in NServiceBus projects is the custom XmlSerializer. Unless explicitly configured otherwise, NServiceBus will use XmlSerializer for serializing and deserializing all messages.
Besides the officially supported and community maintained serializers, it is also possible to implement and register a custom serializer.
It is possible to use immutable types as messages. NServiceBus does not restrict this; It depends on the chosen serializer implementation if it supports deserializing to non public properties and/or using non-default constructors to initialize types.
For example, the Newtonsoft JSON Serializer by default supports immutable messages types.
The deserialization target type is defined by the incoming message. Although NServiceBus only deserializes message payloads that are considered a valid message type, side effects in constructor methods or property setters of message contracts may be abused by an attacker with access to the transport infrastructure.
To avoid unintended behavior during message deserialization, avoid executing code with side effects as part of constructors and property setters of message types.