[wp-trac] [WordPress Trac] #33848: Protect against vulnerability in Netscape 4?
WordPress Trac
noreply at wordpress.org
Mon Sep 14 22:35:39 UTC 2015
#33848: Protect against vulnerability in Netscape 4?
-------------------------+------------------------------
Reporter: dmsnell | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Security | Version: trunk
Severity: normal | Resolution:
Keywords: | Focuses: performance
-------------------------+------------------------------
Comment (by dmsnell):
I've been trying to measure the performance impact of this check and
having trouble getting reliable tests. So far, the statistical variation
has been broader than any impact I've been able to measure.
Perhaps later I will try and extract a list of real-world strings and only
run `wp_kses()` over those strings and get some real numbers.
In the meantime, this may indicate that this patch would accomplish mostly
an aesthetic/maintenance improvement to the codebase.
@kitchin: I'm not sure how much of a performance impact that code would
have here. It appears like the regex is performing quite well, and I
noticed in the PHP docs that the PCRE library keeps a global list of
compiled expressions, meaning that this probably only calculates the regex
once and is quick to apply repeatedly. This might also be why I haven't
yet seen a big performance impact.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/33848#comment:5>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list