4-21 - Insecure serialized data detected
The current server may be under attack or Dubbo’s built-in class checking logic has not scanned the class you defined.
Troubleshooting and resolution steps
- If the source of the request is an attack source, please perform security hardening in time.
- If the request source is expected, please declare the class name you are using in the
security/serialize.allowlistresource file, and Dubbo will automatically load it into the security list.
Currently Dubbo can work in monitoring mode and restricted mode. The monitoring mode only prints logs and does not intercept; the restricted model will intercept.
Last modified January 11, 2023: Add 4-21 (#1836) (b9ea1efcae)