sofa-hessian
sofa-hessian copied to clipboard
sofastack
An internal improved version of Hessian3/4 powered by Ant Group CO., Ltd.
- 通过对com.alipay.hessian.generic.io.GenericObjectSerializer.ObjectDefinition进行比较来决定当前要写入的GenericObject是否要重新写入definition - 无需对每一个GenericObject都写入definition - 减小序列化体积,节省带宽
## Describe the bug code in `com/alipay/sofa/middleware/config/log/log4j/log-conf.xml` https://github.com/sofastack/sofa-hessian/blob/a71bc56376aa049cccd39da01b6f56620dcfcaf2/src/main/resources/com/alipay/sofa/middleware/config/log/log4j/log-conf.xml#L8 `com.alibaba.common.logging.spi.log4j.DailyRollingFileAppender` is internal class and will throw ClassNotFoundException when use sofa-rpc 5.8.x and log4j 1.x. > java.lang.ClassNotFoundException: com.alibaba.common.logging.spi.log4j.DailyRollingFileAppender at java.net.URLClassLoader.findClass(URLClassLoader.java:381) at java.lang.ClassLoader.loadClass(ClassLoader.java:424)...
## In what area(s)? @OrezzerO > /area runtime > /area operator > /area placement > /area docs > /area test-and-release ## Ask your question here Excuse me, have you recently...
对于复杂类型,如: { String a, B b, } 当调用GenericUtils.convertToGenericObject(JSON.parseObject("\"a\":\"123\",\"b\":{...}"))进行sofa rpc调用时报无法转换为B对象
Could you please fix that? ``` WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.caucho.hessian.io.HessianInput (jar:file:/.../com/caucho/hessian/main/hessian-4.0.63.jar!/) to field java.lang.Throwable.detailMessage WARNING: Please consider reporting this to...
1.StackOverflowError, when object do not equals the replace 2. Serialize twice, when object equals the replace, one is WriteReplaceSerializer, and the other is JavaSerializer
Hessian 是一种二进制序列化协议。 由于 Hessian 自身实现关系,通过构造特定的序列化流,经过反序列化后可能会造成任意代码执行,存在安全风险,建议用户配置黑名单或白名单的方式来解决该问题。 本项目内置的黑名单来自内部实践和外部贡献,仅供参考,不做主动更新。如需要更严格的校验,请使用白名单功能。 Hessian is a binary serialization protocol. Because of the implement of Hessian, by constructing a specific serialization stream, it may cause arbitrary code execution...