当前位置:网站首页>fastjson开启safeMode,关闭autoType,去除安全漏洞
fastjson开启safeMode,关闭autoType,去除安全漏洞
2022-06-12 03:20:00 【望月湖】
fastjson开启safeMode,关闭autoType,去除安全漏洞
在1.2.68之后的版本,在1.2.68版本中,fastjson增加了safeMode的支持。safeMode打开后,完全禁用autoType。所有的安全修复版本sec10也支持SafeMode配置。
有三种方式配置SafeMode,如下:
1.在代码中配置
ParserConfig.getGlobalInstance().setSafeMode(true);
注意,如果使用new ParserConfig的方式,需要注意单例处理,否则会导致低性能full gc。
2. 加上JVM启动参数
-Dfastjson.parser.safeMode=true
如果有多个包名前缀,用逗号隔开
3.通过fastjson.properties文件配置。
通过类路径的fastjson.properties文件来配置,配置方式如下:
fastjson.parser.safeMode=true
边栏推荐
- I2C协议概述
- JSON and XML pros and cons
- Demand and business model innovation - demand 10- observation and document review
- 推荐6款办公软件,好用还免费,效率翻倍
- ssh公钥登录失败报错:sign_and_send_pubkey: no mutual signature supported
- Interpreting 2021 of middleware: after being reshaped by cloud nativity, it is more difficult to select models
- 顺序表与链表---初阶
- 微信小程序项目实例——双人五子棋
- Laravel 8 selects JWT for interface verification
- 2020-12-17
猜你喜欢
Drawcall, batches, setpasscall in unity3d
Requirements and business model innovation - Requirements 7- user requirements acquisition based on use case / scenario model
Calculus review 2
Comment prévenir les incendies électriques dans les centres commerciaux?
2020-12-07
How to build urban smart bus travel? Quick code to answer
The rise of another domestic mobile phone chip is close to the height reached by Huawei
Introduce the functions of the new project aleo
![[C language] dynamic memory allocation](/img/ac/ba3882c76f93dde0ab0d5294c5b6d9.jpg)
[C language] dynamic memory allocation
Steamvr--- grab objects
随机推荐
Final summary of addition, deletion, modification and query - 2.1 (single table - addition, deletion, modification and query)
AcrelCloud-6000安全用电云平台在某商业广场的应用
About 100 to realize the query table? Really? Let's experience the charm of amiya.
简单的数据库连接示例
cupp字典生成工具(同类工具还有crunch)
2020-12-12
Steamvr--- grab objects
mysql/oracle 以唯一时间为分界,小于等于该时间求和,大于该时间求和
Calculus review 2
central limit theorem
Selection (045) - what is the output of the following code?
微服务概念及介绍
Introduce the functions of the new project aleo
xml
Special materials | household appliances, white electricity, kitchen electricity
Demand and business model innovation - demand 11 - overview of demand analysis
How do I make the mouse wheel work in the VB6 ide- How can I make mousewheel work in VB6 IDE?
Requirements and business model innovation - Requirements 7- user requirements acquisition based on use case / scenario model
Data flow diagram of Flink
How to build urban smart bus travel? Quick code to answer