[SLING-4584] Performance: XSSAPI.getValidHref should not be based on HTML filtering - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: XSS Protection API 1.0.2
Fix Version/s: XSS Protection API 1.0.4
Component/s: Extensions
Labels:
- perfomance
- xss

Description

Around 3% of the rendering time is spent in getValidHref because it uses AntiSamy (which is a HTML filter) to do the job. This is obviously a hack and adds a lot of unnecessary overhead.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

0001-SLING-4584-Performance-XSSAPI.getValidHref-should-no.patch
12/Jun/15 14:09
123 kB
Joel Richard

Activity

People

Assignee:: Radu Cotescu

Reporter:: Joel Richard

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 07/Apr/15 11:58

Updated:: 03/Aug/15 11:54

Resolved:: 29/Jul/15 14:29