commit | 099108239cc9fb81a8d1cbdc48467fe30ba6529c | [log] [tgz] |
---|---|---|
author | xingrufei <xingrufei@sogou-inc.com> | Thu Aug 05 15:50:28 2021 +0800 |
committer | xingrufei <xingrufei@sogou-inc.com> | Thu Aug 05 15:50:28 2021 +0800 |
tree | babeda74b3c7656d17755e67a64de357441b58a1 | |
parent | f7f52ccc7a7e7b0e95a760a4b63bc4429316b4e8 [diff] |
[AMQ-8348] Fix XmlMessageRenderer has the risk of XStream deserialization
diff --git a/activemq-web/src/main/java/org/apache/activemq/web/view/XmlMessageRenderer.java b/activemq-web/src/main/java/org/apache/activemq/web/view/XmlMessageRenderer.java index 10caf9b..bfa0a06 100644 --- a/activemq-web/src/main/java/org/apache/activemq/web/view/XmlMessageRenderer.java +++ b/activemq-web/src/main/java/org/apache/activemq/web/view/XmlMessageRenderer.java
@@ -42,6 +42,7 @@ public XStream getXstream() { if (xstream == null) { xstream = new XStream(); + XStream.setupDefaultSecurity(xstream); } return xstream; }