I'm not really sure about the argument to sanitize data. Can't we sanitize it in a little less than 11 seconds? Also, isn't there a possibility the user wants this HTML code to come in as HTML code rather than plain text?
<br><br>I would guess that my module does lack many sanity checks, but at the same time, I do assume that administrators should be responsible as to what feeds they add to their sites.<br><br>By the way, any sanity gurus who would like to check on my module's sanity checks and help me with additional sanity checks are very welcome and have my full gratitude. Just drop me a line off-list.
<br><br><div><span class="gmail_quote">On 6/19/07, <b class="gmail_sendername">Morbus Iff</b> <<a href="mailto:morbus@disobey.com">morbus@disobey.com</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> Unfortunately, we can't take these statistics as canon:<br>><br>> * there's no instructions on how to duplicate.<br>><br>> * the SimplePie result is an estimate ("At SimplePie I have to<br>
> do an estimate, because the feed download time was accumulated<br>> to the measure."<br>><br>> * it is unknown whether the other feed parsers are doing the<br>> same sanitization that SimplePie does, again, which adds
<br>> more time to the results.<br><br>I have done some quick tests, using the same URL as Aron:<br><br> <a href="http://www.christiannewswire.com/rss/catfeed_2.xml">http://www.christiannewswire.com/rss/catfeed_2.xml
</a><br><br>I downloaded this file to my desktop. I will be passing this string into<br>SimplePie instead of allowing SimplePie to download it. The file is 1M:<br><br> 1027320 Jun 19 11:50 catfeed_2.xml<br><br>This is the script I used with SimplePie
1.0 b3.2 (20061124):<br><br> <?php<br> $handle = fopen('./catfeed_2.xml', "r");<br> $contents = fread($handle, filesize('./catfeed_2.xml'));<br><br> require './simplepie.inc';
<br> $feed = new SimplePie();<br> $feed->set_raw_data($contents);<br> $feed->init();<br> $parsed = $feed->get_items();<br> ?><br><br>With this command line:<br><br> ~/Desktop > date && php
simplepie.php && date<br> Tue Jun 19 12:26:10 EDT 2007<br> Tue Jun 19 12:26:22 EDT 2007<br><br>As you can see, this does confirm the 10 or 12 second parse time -- it<br>is also using all the sanitation that SimplePie does by default.
<br>However, SimpleFeed and FeedParser both ship with the latest development<br>version of SimplePie which includes an option to stop this sanitation:<br><br> $feed->set_stupidly_fast(TRUE);<br><br>I grabbed today's development version, added the above
<br>line before the ->init() in the above script, and reran:<br><br> ~/Desktop > date && php simplepie.php && date<br> Tue Jun 19 12:28:54 EDT 2007<br> Tue Jun 19 12:28:55 EDT 2007<br><br>You'll notice that it is only 1 second which removes all doubt in my
<br>mind that SimplePie is a bad thing comparitively (since one would assume<br>you'd sanitize the data as necessary within Drupal).<br><br>--<br>Morbus Iff ( and think about the bad things that I didn't do )<br>Technical:
<a href="http://www.oreillynet.com/pub/au/779">http://www.oreillynet.com/pub/au/779</a><br>Culture: <a href="http://www.disobey.com/">http://www.disobey.com/</a> and <a href="http://www.gamegrene.com/">http://www.gamegrene.com/
</a><br>aim: akaMorbus / skype: morbusiff / icq: 2927491 / <a href="http://jabber.org">jabber.org</a>: morbus<br></blockquote></div><br>