4-21 - Insecure serialized data detected
possible reason
The current server may be under attack or Dubbo’s built-in class checking logic has not scanned the class you defined.
Troubleshooting and resolution steps
- If the source of the request is an attack source, please perform security hardening in time.
- If the request source is expected, please declare the class name you are using in the
security/serialize.allowlist
resource file, and Dubbo will automatically load it into the security list.
hint
Currently Dubbo can work in monitoring mode and restricted mode. The monitoring mode only prints logs and does not intercept; the restricted model will intercept.
Last modified January 11, 2023: Add 4-21 (#1836) (b9ea1efcaeb)