You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@dubbo.apache.org by "raboof (via GitHub)" <gi...@apache.org> on 2023/03/06 16:23:06 UTC

[GitHub] [dubbo-spi-extensions] raboof opened a new pull request, #196: Explicitly call out hessian-rpc is unstafe by default

raboof opened a new pull request, #196:
URL: https://github.com/apache/dubbo-spi-extensions/pull/196

   ## What is the purpose of the change
   
   Make it more clear to users how to securely use dubbo-rpc-hessian
   
   ## Brief changelog
   
   Add a README explaining the risk and (for now) hinting at the solution
   
   ## Verifying this change
   
   Follow this checklist to help us incorporate your contribution quickly and easily:
   
   - [x] Make sure there is a [GITHUB_issue](https://github.com/apache/dubbo/issues) field for the change (usually before
     you start working on it). Trivial changes like typos do not require a GITHUB issue. Your pull request should address
     just this issue, without pulling in other changes - one PR resolves one issue.
   - [ ] Format the pull request title like `[Dubbo-XXX] Fix UnknownException when host config not exist #XXX`. Each commit
     in the pull request should have a meaningful subject line and body.
   - [ ] Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
   - [ ] Write necessary unit-test to verify your logic correction, more mock a little better when cross module dependency
     exist. If the new feature or significant change is committed, please remember to add sample
     in [dubbo samples](https://github.com/apache/dubbo-samples) project.
   - [ ] Run `mvn clean install -DskipTests=false` & `mvn clean test-compile failsafe:integration-test` to make sure
     unit-test and integration-test pass.
   - [ ] If this contribution is large, please follow
     the [Software Donation Guide](https://github.com/apache/dubbo/wiki/Software-donation-guide).
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org

[GitHub] [dubbo-spi-extensions] AlbumenJ merged pull request #196: Explicitly call out hessian-rpc is unstafe by default

Posted by "AlbumenJ (via GitHub)" <gi...@apache.org>.
AlbumenJ merged PR #196:
URL: https://github.com/apache/dubbo-spi-extensions/pull/196


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org