Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve escape_html_attr performance #4024

Merged
merged 1 commit into from Feb 21, 2022
Merged

Improve escape_html_attr performance #4024

merged 1 commit into from Feb 21, 2022

Conversation

mrkishi
Copy link
Member

@mrkishi mrkishi commented Feb 20, 2022
edited by benmccann

Closes #4016.
Depends on #4015.

Replaces the character-by-character loop with a regex-based str.replace call.

Please don't delete this checklist! Before submitting the PR, please make sure you do the following:

  • It's really useful if your PR references an issue where it is discussed ahead of time. In many cases, features are absent for a reason. For large changes, please create an RFC: https://github.com/sveltejs/rfcs
  • This message body should clearly illustrate what problems it solves.
  • Ideally, include a test that fails without this PR but passes with it.

Tests

  • Run the tests with pnpm test and lint the project with pnpm lint and pnpm check

Changesets

  • If your PR makes a change that should be noted in one or more packages' changelogs, generate a changeset by running pnpx changeset and following the prompts. All changesets should be patch until SvelteKit 1.0

benmccann
benmccann reviewed Feb 20, 2022
View reviewed changes
packages/kit/src/utils/escape.js
'"': '"'
};

const escape_html_attr_regex = new RegExp(
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we add a comment about why this is needed?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why delete < and >
they break HTML if not escaped
we had issue #3773

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

and we fixed it with #3798 and #3804

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@PH4NTOMiki That was about escape_json_in_html, this is about escape_html_attr.

@benmccann Sorry about the comments, the previous code didn't have them and I thought they weren't necessary. I'll add some.

@changeset-bot
Copy link

changeset-bot bot commented Feb 20, 2022
edited

⚠️ No Changeset found

Latest commit: 4d146d0

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@Rich-Harris
Copy link
Member

Nice, I did a naive benchmark locally and this is way faster

@Rich-Harris Rich-Harris merged commit a9daeec into sveltejs:master Feb 21, 2022
@mrkishi mrkishi deleted the attr-escape-perf branch February 21, 2022 20:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benmccann benmccann benmccann left review comments

@PH4NTOMiki PH4NTOMiki PH4NTOMiki left review comments

@Rich-Harris Rich-Harris Rich-Harris approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Utf16 handling in html attributes and text
4 participants
@mrkishi @Rich-Harris @benmccann @PH4NTOMiki