Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Already on GitHub? Sign in to your account

SEC-1903: FirewalledResponse recompiles constant regex pattern for every instance #2134

spring-issuemaster opened this Issue Jan 31, 2012 · 1 comment


None yet
1 participant

Ophir Radnitz (Migrated from SEC-1903) said:

org.springframework.security.web.firewal.FirewalledResponse holds a regex Pattern as an instance member. This means it is instantiated and recompiled for every FirewalledResponse instance. These are created quite rapidly in the FilterChainProxy filter invocation. The pattern should probably become a static member.

Rob Winch said:

Assigning to Luke since he has already pushed a fix out

@spring-issuemaster spring-issuemaster added this to the 3.1.1 milestone Feb 5, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment