FileSessionHandler exception: BinaryFormatter serialization and deserialization are disabled

[gianlucastella1]

I've:

• {Searched} in Issues
• {Checked} Example projects
• {Read} wiki pages
• Not sure

Issue category

• Bug
• Feature Request
• Missing Feature
• Question
• Not sure

Language

• C#
• VB.NET

Usage

• Windows Form/Console app
• WPF app
• Asp .NET MVC
• Asp .NET Core
• Universal Windows Platform [UWP]
• Xamarin or Xamarin Forms
• Mono
• Other

Operating System

• Windows
• Windows Server
• Linux
• Mac OS
• Other

Debug logs

            _api = InstaApiBuilder.CreateBuilder()
                .UseLogger(new DebugLogger(LogLevel.All))
                .SetSessionHandler(new FileSessionHandler() { FilePath = "./ig_session" })
                .Build();

            _api.SessionHandler.Load()

throws following exception

BinaryFormatter serialization and deserialization are disabled within this application. See https://aka.ms/binaryformatter for more information.
at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Serialize(Stream serializationStream, Object graph) 
at InstagramApiSharp.Helpers.SerializationHelper.SerializeToStream(Object o) 
at InstagramApiSharp.API.InstaApi.GetStateDataAsStream() 
at InstagramApiSharp.Classes.SessionHandlers.FileSessionHandler.Save() 
at [CUT]

Describe your issue

FileSessionHandler uses BinaryFormatter to laod and save session. As stated in https://aka.ms/binaryformatter

The BinaryFormatter type is dangerous and is not recommended for data processing. Applications should stop using BinaryFormatter as soon as possible, even if they believe the data they're processing to be trustworthy. BinaryFormatter is insecure and can't be made secure.
This affects:

• .NET Framework all versions
• .NET Core 2.1 - 3.1
• .NET 5 and later

[gianlucastella1]

As a workaround, a custom ISessionHandler can be implemented using BinaryReader/BinaryWriter:

    public class CustomFileSessionHandler : ISessionHandler
    {
        public IInstaApi InstaApi { get; set; }
        public string FilePath { get; set; }

        private Encoding _encoding = Encoding.UTF8;

        public void Load()
        {
            if (System.IO.File.Exists(FilePath))
            {
                using (var stream = File.Open(FilePath, FileMode.Open))
                {
                    using (var reader = new BinaryReader(stream, Encoding.UTF8, false))
                    {
                        var stateAsBase64String = reader.ReadString();
                        var stateAsString = _encoding.GetString(Convert.FromBase64String(stateAsBase64String));

                        InstaApi.LoadStateDataFromString(stateAsString);
                    }
                }
            }
        }

        public void Save()
        {
            using (var stream = File.Open(FilePath, FileMode.Create))
            {
                var stateAsString = InstaApi.GetStateDataAsString();
                var stateAsBase64String = Convert.ToBase64String(_encoding.GetBytes(stateAsString));

                using (var writer = new BinaryWriter(stream, Encoding.UTF8, false))
                {
                    writer.Write(stateAsBase64String);
                }
            }
        }
    }