PolicyFactory / fast copy constructor or method

OWASP / java-html-sanitizer

Takes third-party HTML and produces HTML that is safe to embed in your web application. Fast and easy to configure.

Other

836 stars 210 forks source link

PolicyFactory / fast copy constructor or method #224

Open JohannesLichtenberger opened 3 years ago

JohannesLichtenberger commented 3 years ago

Would it be possible to add a fast copy-method or copy-constructor to the PolicyFactory class. The method

public PolicyFactory and(PolicyFactory f)

seems to be relatively slow and we have to reset the PolicyFactories often times. Thus it would probably be an option to copy the initial concatenation of all PolicyFactories and use something like a fast copy method to reset the factories to the initial state.

simon-greatrix commented 3 years ago

PolicyFactory instances have no mutable state, so creating a copy doesn't do very much.

There is nothing intrinsic in PolicyFactory that needs resetting. What are you doing?

I can see a reason for stateful pre- and post-processors. Is that what you are resetting?

JohannesLichtenberger commented 3 years ago

I'm doing a bunch of and-method calls to add policies. A user then might add further optional policies. In a rendering pipeline the configuration gets resettet to the initial state sometimes and apparently regarding CPU profile samples in YourKit the and-method seems to be costly.