NSSecureCoding

Conforming to the NSSecureCoding protocol indicates that an object handles encoding and decoding instances of itself in a manner that is robust against object substitution attacks.

protocol NSSecureCoding : NSCoding

Historically, many classes decoded instances of themselves like this:

if let object = decoder.decodeObject(forKey: "myKey") as? MyClass {
    // ...succeeds...
} else {
    // ...fail...
}

This technique is potentially unsafe because by the time you can verify the class type, the object has already been constructed, and if this is part of a collection class, potentially inserted into an object graph.

In order to conform to NSSecureCoding:

  • An object that does not override init(coder:) can conform to NSSecureCoding without any changes (assuming that it is a subclass of another class that conforms).

  • An object that does override init(coder:) must decode any enclosed objects using the decodeObject(of:forKey:) method. For example:

    let obj = decoder.decodeObject(of: MyClass.self, forKey: "myKey")

    In addition, the class must override the supportsSecureCoding property required by NSSecureCoding to return true.
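
A class that overrides init(coder:) and meets both requirements above, as an added example that is not part of the original documentation. Badge, Account, loadAccount and the key names are hypothetical; the second archive is constructed with an NSDate root so the class check has an unexpected type to reject.

```swift
import Foundation

// Badge and Account are hypothetical classes constructed for this example.
final class Badge: NSObject, NSSecureCoding {
    static var supportsSecureCoding: Bool { true }
    let label: String
    init(label: String) { self.label = label }
    func encode(with coder: NSCoder) { coder.encode(label, forKey: "label") }
    init?(coder: NSCoder) {
        // The expected class is stated up front, before any object is handed back.
        guard let label = coder.decodeObject(of: NSString.self, forKey: "label") else { return nil }
        self.label = label as String
    }
}

final class Account: NSObject, NSSecureCoding {
    static var supportsSecureCoding: Bool { true }
    let name: String
    let badge: Badge
    init(name: String, badge: Badge) { self.name = name; self.badge = badge }
    func encode(with coder: NSCoder) {
        coder.encode(name, forKey: "name")
        coder.encode(badge, forKey: "badge")
    }
    init?(coder: NSCoder) {
        // Every enclosed object is decoded with its expected class.
        guard let name = coder.decodeObject(of: NSString.self, forKey: "name"),
              let badge = coder.decodeObject(of: Badge.self, forKey: "badge") else { return nil }
        self.name = name as String
        self.badge = badge
    }
}

// Returns the decoded Account, or nil when the archive's root is not an Account.
func loadAccount(from data: Data) -> Account? {
    // try? covers both failure shapes: a thrown error or a nil result.
    return try? NSKeyedUnarchiver.unarchivedObject(ofClass: Account.self, from: data)
}

// Constructed sample archives: one with the expected root class, one without.
let good = try NSKeyedArchiver.archivedData(
    withRootObject: Account(name: "alice", badge: Badge(label: "admin")),
    requiringSecureCoding: true)
let other = try NSKeyedArchiver.archivedData(withRootObject: NSDate(), requiringSecureCoding: true)

print(loadAccount(from: good)?.badge.label ?? "rejected")
print(loadAccount(from: other)?.badge.label ?? "rejected")
```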