[wp-trac] [WordPress Trac] #22951: Performance enhancements for esc_url()
WordPress Trac
noreply at wordpress.org
Sat Dec 15 04:36:04 UTC 2012
#22951: Performance enhancements for esc_url()
-----------------------------+--------------------------
Reporter: markjaquith | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: Performance
Version: | Severity: normal
Keywords: |
-----------------------------+--------------------------
`esc_url()` gets used a lot on WordPress admin pages. Sometimes 100 times
or more. Nacin did some KcacheGrind measurements that had it as 7% of some
pages. We can speed it up.
Most of the grind comes from `wp_kses_bad_protocol()`.
I had a thought that we're sort of going about things backwards. We're
being very careful to exclude anything harmful — bad characters, bad
protocols, duplicate fake-out protocols, etc. But almost 100% of the time,
the URL going through it is a http/https URL that has completely normal
characters in it. We can detect that really early, and bail.
I did some tests with this approach that showed a good time savings.
Quite obviously, there's no room to compromise on security, so we'll need
to be watching unit test, and maybe even writing some new ones for good
measure.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/22951>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list