struts-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lukasz Lenart (JIRA)" <>
Subject [jira] [Commented] (WW-4375) improve security check performance
Date Mon, 14 Jul 2014 05:16:05 GMT


Lukasz Lenart commented on WW-4375:

Did you perform any benchmarks on that? Anyway, I'm planing to remodel how expressions are
passed around - instead using simple String I would like to have a dedicated class which will
represents the expression itself, its state and origins (client input, struts configuration,
etc). Thus should allow reduce security checks

> improve security check performance
> ----------------------------------
>                 Key: WW-4375
>                 URL:
>             Project: Struts 2
>          Issue Type: Improvement
>    Affects Versions: 2.3.18
>            Reporter: zhouyanming
>             Fix For: 2.5
> currently struts is a little low performance because we must do much security check,I
think struts should provide two ways for security check,One for client inputs and the other
for non-inputs.client inputs must use the most strict check.and server side expressions could
skip most check,it will improve performance because most of access is from server side.

This message was sent by Atlassian JIRA

View raw message