意思是:XStream 的安全框架没有初始化,xstream 容易受攻击。
解决方法:xStream对象设置默认安全防护,同时设置允许的类
XStream xStream = newXStream();
XStream.setupDefaultSecurity(xStream);
xStream.allowTypes(new Class[]{Test.class, Test1.class});
参考:https://www.fengyunxiao
参考:https://www.fengyunxiao/blogs
更多推荐
XStream 1.4.10 出现警告:Security framework of XStream not initialized, XStream is pr
发布评论