VB.NET JSON Serialization: Safe Object Handling Guide
Why JSON Serialization Matters in VB.NET
After analyzing this video, I recognize that serialization is a critical skill for VB.NET developers who need persistent object storage or cross-application data exchange. The core challenge? Microsoft's BinaryFormatter is now obsolete due to security vulnerabilities, leaving many developers searching for modern alternatives. JSON serialization solves this with platform-agnostic data formatting that maintains object integrity while avoiding security risks.
Consider a real-world scenario: saving user session data when closing an application. Without proper serialization, you'd lose critical state information. JSON serialization ensures data persistence while adhering to modern security standards - something I've found essential in enterprise application development.
JSON Serialization Implementation Guide
Setting Up Newtonsoft.Json
First, install the Newtonsoft.Json package via NuGet:
- Right-click your project in Solution Explorer
- Select "Manage NuGet Packages"
- Search for "Newtonsoft.Json"
- Click Install
Imports Newtonsoft.Json
Imports System.IO
Serialization Code Walkthrough
Class Structure Preparation:
Public Class Person
    Public FirstName As String
    Public LastName As String
End Class
Public Class Employee
    Inherits Person
    Public Salary As Decimal
End Class
Serialization to File:
Dim emp As New Employee With {
    .FirstName = "John",
    .LastName = "Doe",
    .Salary = 55000
}
Using writer As New StreamWriter("employee.json")
    Dim json As String = JsonConvert.SerializeObject(emp, Formatting.Indented)
    writer.Write(json)
End Using
Deserialization from File:
Dim jsonString As String = File.ReadAllText("employee.json")
Dim emp2 As Employee = JsonConvert.DeserializeObject(Of Employee)(jsonString)
BinaryFormatter Security Risks
The video highlights Microsoft's explicit warning: BinaryFormatter is dangerous for data processing. From a security perspective, I've seen how its vulnerabilities enable denial-of-service attacks. The JSON approach eliminates this risk while offering human-readable output. Unlike BinaryFormatter's opaque binary format, JSON files maintain transparency - you can inspect them with any text editor.
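Json.NET's TypeNameHandling setting, when changed from its default of None, lets the JSON itself name the .NET type to create, which brings back the class of problem BinaryFormatter has. The following is an added example, not code from the video or from Newtonsoft: it loads the Employee class with that setting pinned and with limits on file size, nesting depth and unknown members. The SafeEmployeeLoader module, the TryLoadEmployee function, the numeric limits and the sample file names are assumptions made for illustration.

```vbnet
Imports System
Imports System.IO
Imports Newtonsoft.Json

Public Class Person
    Public FirstName As String
    Public LastName As String
End Class
Public Class Employee
    Inherits Person
    Public Salary As Decimal
End Class

Public Module SafeEmployeeLoader
    ' Assumed limits for this example; tune them to your own data.
    Private Const MaxFileBytes As Long = 64 * 1024
    Private Const MaxNameLength As Integer = 100
    ' No type names or $-metadata taken from the JSON, no unknown members, shallow nesting only.
    Private ReadOnly Settings As New JsonSerializerSettings With {
        .TypeNameHandling = TypeNameHandling.None,
        .MetadataPropertyHandling = MetadataPropertyHandling.Ignore,
        .MissingMemberHandling = MissingMemberHandling.Error,
        .MaxDepth = 8
    }

    ' Returns Nothing if the file is missing, oversized, malformed or fails validation.
    Public Function TryLoadEmployee(path As String) As Employee
        If Not File.Exists(path) OrElse New FileInfo(path).Length > MaxFileBytes Then Return Nothing
        Try
            Dim emp = JsonConvert.DeserializeObject(Of Employee)(File.ReadAllText(path), Settings)
            If emp Is Nothing Then Return Nothing ' the file held the JSON literal null
            For Each name In {emp.FirstName, emp.LastName}
                If String.IsNullOrWhiteSpace(name) OrElse name.Length > MaxNameLength Then Return Nothing
            Next
            If emp.Salary < 0 Then Return Nothing
            Return emp
        Catch ex As JsonException ' covers reader and serialization errors
            Return Nothing
        End Try
    End Function

    Public Sub Main()
        ' Constructed sample files, written here so the example runs offline.
        File.WriteAllText("good.json", "{""FirstName"":""John"",""LastName"":""Doe"",""Salary"":55000}")
        File.WriteAllText("extra.json", "{""FirstName"":""John"",""LastName"":""Doe"",""IsAdmin"":true}")
        Console.WriteLine(TryLoadEmployee("good.json") IsNot Nothing)
        Console.WriteLine(TryLoadEmployee("extra.json") IsNot Nothing)
    End Sub
End Module
```

The second sample file carries a member that Employee does not declare, so it exercises the MissingMemberHandling.Error path; log the caught exception inside the Catch block if rejected files need to be diagnosed.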
Advanced Serialization Techniques
Conditional Property Serialization
Control which properties get serialized using special methods:
Public Class Employee
    Inherits Person
    Public Salary As Decimal
    Public Function ShouldSerializeSalary() As Boolean
        Return Salary >= 50000
    End Function
End Class
This pattern prevents salary serialization for values under £50,000 - ideal for sensitive data handling. Notice how the method naming convention (ShouldSerialize[PropertyName]) is automatically recognized by Newtonsoft.Json.
Inheritance Handling
JSON serialization seamlessly handles class inheritance hierarchies. When deserializing derived classes like Employee, use:
Dim emp As Employee = JsonConvert.DeserializeObject(Of Employee)(jsonString)
The serializer automatically maps properties from base and derived classes without additional configuration - something I've found more reliable than XML serialization in complex projects.
Implementation Checklist and Resources
Action Steps:
- Remove all
attributes from classes
- Install Newtonsoft.Json via NuGet
- Replace BinaryFormatter calls with JsonConvert methods
- Implement conditional methods for sensitive properties
- Validate output with JSON linting tools
Recommended Tools:
- Newtonsoft.Json: The industry standard for .NET JSON handling (ideal for all skill levels)
- Visual Studio's JSON viewer: Built-in tool for structured JSON inspection
- Postman: Excellent for testing JSON APIs (crucial for web integrations)
When to Use JSON Serialization
Based on professional experience, JSON serialization shines when:
- Exchanging data between different programming languages
- Building web APIs or microservices
- Storing configuration data
- Implementing save/load functionality in desktop applications
However, avoid JSON for extremely large datasets - binary formats still outperform in these scenarios. For most applications though, JSON provides the perfect balance of security, readability and interoperability.