[Webkit-unassigned] [Bug 49845] New: XSS Auditor severely affects loading performance after submitting a large form

Fri Nov 19 17:11:17 PST 2010

https://bugs.webkit.org/show_bug.cgi?id=49845

           Summary: XSS Auditor severely affects loading performance after
                    submitting a large form
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Keywords: InRadar
          Severity: Major
          Priority: P2
         Component: Page Loading
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ap at webkit.org
                CC: dbates at webkit.org

A certain enterprise application has severely degraded performance in Safari, and it turned out that this is due to XSSAuditor checks.

The problem occurs after the application submits a form - the result loads really slow, beachballing Safari. This happens because the form is huge (about 170Kbytes). Creating a SuffixTree from it takes a long time. In addition, the tree isn't effectively cached (it's re-created each time you go from external script to inline script to an event listener attribute).

Perhaps one doesn't need to create a SuffixTree if form data is longer than the script being executed? Or maybe there is an even better solution?

Of course, one can disable XSS Auditor with HTTP headers as a temporary workaround.

<rdar://problem/8546193>

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.