[Owasp-antisamy] Performance optimization

Arshan Dabirsiaghi arshan.dabirsiaghi at aspectsecurity.com
Wed Jun 4 16:58:21 EDT 2008


Serge,
 
We are implementing this functionality into the current branch as we speak. You could do it now by creating an instance of AntiSamyDOMScanner directly and working with that, but I'd like people to use the AntiSamy facade for simplification.
 
In the next version we have introduced a constructor for AntiSamy that takes a Policy object. After it gets instantiated you can call the same AntiSamy object with the same, pre-built Policy object repeatedly. We have also put a getter and setter for the instance variable so that you can switch out policy files quickly and not have to rebuild them. I hope this helps, and we look forward to the next release in the next 1-2 weeks.
 
Thanks,
Arshan

________________________________

From: owasp-antisamy-bounces at lists.owasp.org on behalf of Serge Droganov
Sent: Wed 6/4/2008 4:37 PM
To: owasp-antisamy at lists.owasp.org
Subject: [Owasp-antisamy] Performance optimization



Hello,
RTFM doesn't help me, so I have to ask my question here.

I have discovered (with getScanTime) that AntiSamy needs about 0.028 
second to sanitize mid-sized html page.
But actual scan time  for the same page is about a second.

It looks like reading and parsing policy file is the most expensive 
operation.

So my question is:
Is there any option to read and parse policy file once at the first 
call and store results within an application?
(antiSamy.scan(input, cachedPolicy))


Thank you,
Serge
_______________________________________________
Owasp-antisamy mailing list
Owasp-antisamy at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-antisamy


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-antisamy/attachments/20080604/ea6523f7/attachment.html 


More information about the Owasp-antisamy mailing list