marylinh / owasp-esapi-java

Automatically exported from code.google.com/p/owasp-esapi-java
Other
0 stars 0 forks source link

Performance #332

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
I Had a Server facing around 10000 requests per second. I Added Esapi for 
Security checks ( mostly getValidInput) and it crashed the CPU. CPU Utilization 
went to 90%  with around 1500 requests per sec. I use 
ESAPI.validator().getValidInput(params) everytime i need to check. Am i doing 
something wrong or is it a performance bug?? Please help asap. I am stuck. DO I 
have to implement singleton class somewhere?

Original issue reported on code.google.com by guptanav...@gmail.com on 8 Jul 2014 at 6:33

GoogleCodeExporter commented 9 years ago
fyi I also use ESAPI.encoder().canonicalize()

Original comment by guptanav...@gmail.com on 8 Jul 2014 at 6:34

GoogleCodeExporter commented 9 years ago
Please somebody reply. I have a deadline to meet and i have no clue what to do.

Original comment by guptanav...@gmail.com on 8 Jul 2014 at 8:26

GoogleCodeExporter commented 9 years ago
Figured out the issue. In ValidInput we were not setting Encoder to true or 
false Manually. So it used to read the properties and cause a Severe 
Performance Issue. As a Data for 1 lakh Requests it took 3 times more time when 
no input was provided. Maybe we should mention it in the documents somewhere as 
a Safe Practice.

Original comment by guptanav...@gmail.com on 8 Jul 2014 at 10:55