[dubbo-website] branch master updated: Add 4-21 (#1836)

Tue, 10 Jan 2023 22:29:54 -0800 

This is an automated email from the ASF dual-hosted git repository.

albumenj pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/dubbo-website.git


The following commit(s) were added to refs/heads/master by this push:
     new b9ea1efcaeb Add 4-21 (#1836)
b9ea1efcaeb is described below

commit b9ea1efcaeb67730e19e2fc1c607a3e465ca88da
Author: Albumen Kevin <[email protected]>
AuthorDate: Wed Jan 11 14:29:16 2023 +0800

    Add 4-21 (#1836)
---
 content/en/docs3-v2/java-sdk/faq/4/21.md | 21 +++++++++++++++++++++
 content/zh/docs3-v2/java-sdk/faq/4/21.md | 21 +++++++++++++++++++++
 2 files changed, 42 insertions(+)

diff --git a/content/en/docs3-v2/java-sdk/faq/4/21.md 
b/content/en/docs3-v2/java-sdk/faq/4/21.md
new file mode 100644
index 00000000000..af354fba417
--- /dev/null
+++ b/content/en/docs3-v2/java-sdk/faq/4/21.md
@@ -0,0 +1,21 @@
+---
+type: docs
+title: "4-21 - Insecure serialized data detected"
+linkTitle: "4-21 - Insecure serialized data detected"
+weight: 21
+---
+
+## possible reason
+
+The current server may be under attack or Dubbo's built-in class checking 
logic has not scanned the class you defined.
+
+## Troubleshooting and resolution steps
+
+1. If the source of the request is an attack source, please perform security 
hardening in time.
+2. If the request source is expected, please declare the class name you are 
using in the `security/serialize.allowlist` resource file, and Dubbo will 
automatically load it into the security list.
+
+## hint
+
+Currently Dubbo can work in monitoring mode and restricted mode. The 
monitoring mode only prints logs and does not intercept; the restricted model 
will intercept.
+
+<p style="margin-top: 3rem;"> </p>
\ No newline at end of file
diff --git a/content/zh/docs3-v2/java-sdk/faq/4/21.md 
b/content/zh/docs3-v2/java-sdk/faq/4/21.md
new file mode 100644
index 00000000000..85c6b12d607
--- /dev/null
+++ b/content/zh/docs3-v2/java-sdk/faq/4/21.md
@@ -0,0 +1,21 @@
+---
+type: docs
+title: "4-21 - 检测到不安全的序列化数据"
+linkTitle: "4-21 - 检测到不安全的序列化数据"
+weight: 21
+---
+
+## 可能的原因
+
+当前服务端可能受到攻击或者是 Dubbo 内置的类检查逻辑没有扫描到您所定义的类。
+
+## 排查和解决步骤
+
+1. 如果请求源是攻击源,请及时进行安全加固。
+2. 如果请求源是预期的,请在 `security/serialize.allowlist` 资源文件中声明您所使用的类名,Dubbo 
将自动将其加载到安全列表中。
+
+## 提示
+
+当前 Dubbo 可以工作在监控模式和限制模式下。监控模式只打印日志,不进行拦截;限制模型将进行拦截。
+
+<p style="margin-top: 3rem;"> </p>
\ No newline at end of file

Reply via email to