Make WordPress Core

Opened 19 months ago

Last modified 19 months ago

#57221 new enhancement

Opportunity for optimization on invalid query to REST API Search Controller

Reported by: starbuck's profile Starbuck Owned by:
Milestone: Awaiting Review Priority: normal
Severity: minor Version: 6.2
Component: REST API Keywords:
Focuses: Cc:

Description

Ref: https://core.trac.wordpress.org/browser/trunk/src/wp-includes/rest-api/endpoints/class-wp-rest-search-controller.php#L119

Here we see get_items executes a query and gets a list of $ids. Then it loops through all $ids to prepare the response. And then it checks the total number of records to see if the requested page is larger than the number of pages available.

This is a proposal to check $max_pages before the response preparation, to avoid the loop if the request is pre-destined to return an error anyway.

This would only provide a performance benefit on invalid queries. But looking up at line 115, function get_items_permission_check always returns true. I can imagine a DOS where a large number of search queries are queued up just to keep a system busy.

Change History (1)

This ticket was mentioned in Slack in #core-restapi by starbuck. View the logs.


19 months ago

Note: See TracTickets for help on using tickets.