Page MenuHomePhabricator
Create Task
Maniphest T229311

Avoid unnecessary encoding of '<', '>' and '&' in output of load.php
Closed, DeclinedPublic
Actions

Description

The styles and messages delivered by load.php contains unnecessary escaped characters like \u003E instead of >. Escaping of <, > and & is not needed here and is a waste of traffic.

Examples:

Details

SubjectRepoBranchLines +/-
resourceloader: Avoid HTML encoding in output of load.phpmediawiki/coremaster+22 -5
resourceloader: Add $context to static functions in ResourceLoadermediawiki/coremaster+133 -66
Customize query in gerrit

Event Timeline

Fomafix created this task.Jul 30 2019, 8:43 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJul 30 2019, 8:43 AM
gerritbot added a comment.Jul 30 2019, 8:43 AM

Change 526385 had a related patch set uploaded (by Fomafix; owner: Fomafix):
[mediawiki/core@master] ResourceLoader: Avoid escaping of characters in styles

https://gerrit.wikimedia.org/r/526385

gerritbot added a project: Patch-For-Review.Jul 30 2019, 8:43 AM
Krinkle triaged this task as Medium priority.Jul 30 2019, 1:11 PM
Krinkle moved this task from Inbox to Accepted Enhancement on the MediaWiki-ResourceLoader board.
Krinkle moved this task from Inbox, needs triage to Backlog: Maintenance, non-prioritized on the Performance-Team board.
Krinkle subscribed.

Thanks!

Fomafix renamed this task from Remove unnecessary escaping in styles to Remove unnecessary escaping of '<', '> and '&' in styles and messages.Aug 1 2019, 6:28 PM
Fomafix renamed this task from Remove unnecessary escaping of '<', '> and '&' in styles and messages to Remove unnecessary escaping of '<', '>' and '&' in styles and messages.
Fomafix updated the task description. (Show Details)
gerritbot added a comment.Sep 9 2019, 6:58 PM

Change 535266 had a related patch set uploaded (by Fomafix; owner: Fomafix):
[mediawiki/core@master] [WIP] resourceloader: Move encodeJsonForScript to ResourceLoaderContext

https://gerrit.wikimedia.org/r/535266

Fomafix renamed this task from Remove unnecessary escaping of '<', '>' and '&' in styles and messages to Avoid unnecessary encoding of '<', '>' and '&' in output of load.php.Sep 12 2019, 11:18 AM
gerritbot added a comment.Sep 27 2019, 8:48 PM

Change 535266 merged by jenkins-bot:
[mediawiki/core@master] resourceloader: Add $context to static functions in ResourceLoader

https://gerrit.wikimedia.org/r/535266

ReleaseTaggerBot added a project: MW-1.34-notes (1.34.0-wmf.25; 2019-10-01).Sep 27 2019, 9:00 PM
Krinkle removed a project: MW-1.34-notes (1.34.0-wmf.25; 2019-10-01).Oct 16 2019, 10:42 PM
Krinkle removed a project: Patch-For-Review.Mar 27 2020, 4:57 PM
gerritbot added a comment.Feb 12 2021, 3:24 AM

Change 526385 abandoned by Krinkle:
[mediawiki/core@master] resourceloader: Avoid HTML encoding in output of load.php

Reason:
I'm declining this for sake of simplicitly. The optimisation is imho not worth the complexity and security risk, and I rather like the idea that we are "just" sending load.php responses into <script> tags, essentially following the preload / "Facebook BigPipe" idea. Separating the two would require every possible byte that might make its way into the response to be split and injected and made aware of this which I think is too big of a gamble and limitation to enforce on the whole stack.

https://gerrit.wikimedia.org/r/526385

Krinkle closed this task as Declined.Feb 12 2021, 3:24 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL