Generation of CSRF token is too expensive

Fixed

Description fields

Description

When disabling the country filter, response time gets noticeably slower. This can be reproduced in our demo but not in a local installation with the bundle.

Steps to reproduce:

Execute the following command in order to measure the response time:

Add configuration property /server/filters/country@enabled with value false in order to disable the filter and execute same command than in step 1.

Expected result: response time is similar or even lower as filter execution is avoided.
Actual result: response time is noticeably higher:

Timebox for investigation: 3 SP

Verify findings, can they be used as a solution?
Consider potential implications (login page CSRF)

Attachments

image-2020-10-01-15-40-42-358.png

01 Oct, 2020

Screenshot 2020-09-30 at 08.09.20.png

01 Oct, 2020

Screenshot 2020-09-30 at 08.00.48.png

01 Oct, 2020

Linked work items

relates to

MAGNOLIA-7991

Invalid path for cookie with special characters

Activity

Yan

October 5, 2020 at 7:31 AM

Yan

October 5, 2020 at 7:14 AM

Julius Rabe

October 2, 2020 at 12:16 PM

Julius Rabe

October 1, 2020 at 1:41 PM

Julius Rabe

October 1, 2020 at 1:27 PM

(edited)

Resize work item view side panel

Details

Assignee

Aleksandr Pchelintcev

Reporter

Jonathan Ayala

Priority

Neutral

Support Score

Magnolia Release

5.7.9, 6.1.7, 6.2.4

Story Points

Sprint

Add sprint

More fields

Created August 19, 2020 at 2:21 PM

Updated February 11, 2025 at 6:16 AM

Resolved October 12, 2020 at 7:05 AM

Generation of CSRF token is too expensive

Description

relates to

Yan

Yan

Julius Rabe

Julius Rabe

Julius Rabe

Details

Assignee

Reporter

Priority

Support Score

Magnolia Release

Labels

Fix versions

Affects versions

Story Points

Sprint

More fields