Toggle navigation
MeasureThat.net
Create a benchmark
Tools
Feedback
FAQ
Register
Log In
Validate performance of JWT string validation by decoding vs basic string match
(version: 0)
Comparing performance of:
decodeAndTest() vs testWithoutDecoding()
Created:
2 years ago
by:
Guest
Jump to the latest result
Script Preparation code:
var token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiY3VzdG9tZXJfaWQiOiJqb2huZG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.ScbjLEXxqzZQ9JEw5yQu2MLlGsLhHzMlg7aZHZnH4Ro"; function decodeAndTest() { return "customer_id" in JSON.parse(atob(token.split(".")[1])); } var encodedCustId = "Y3VzdG9tZXJfaWQ="; function testWithoutDecoding() { return token.indexOf(encodedCustId) >= 0; }
Tests:
decodeAndTest()
decodeAndTest()
testWithoutDecoding()
testWithoutDecoding()
Rendered benchmark preparation results:
Suite status:
<idle, ready to run>
Run tests (2)
Previous results
Fork
Test case name
Result
decodeAndTest()
testWithoutDecoding()
Fastest:
N/A
Slowest:
N/A
Latest run results:
Run details:
(Test run date:
2 years ago
)
User agent:
Mozilla/5.0 (iPhone; CPU iPhone OS 17_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1
Browser/OS:
Mobile Safari 17 on iOS 17.2.1
View result in a separate tab
Embed
Embed Benchmark Result
<iframe src="https://measurethat.net/Embed?id=493104" width="100%" height="500px"></iframe>
Test name
Executions per second
decodeAndTest()
1839141.0 Ops/sec
testWithoutDecoding()
7607919.0 Ops/sec
Autogenerated LLM Summary
(model
llama3.2:3b
, generated one year ago):
I'll break down the provided JSON for you. **Benchmark Definition:** The benchmark measures the performance of two different approaches to validate a JSON Web Token (JWT) string: 1. **Basic String Match:** This approach uses the `indexOf()` method to search for a specific substring (`encodedCustId`) within the JWT token string. 2. **JSON Decoding:** This approach uses the `JSON.parse()` function to decode the JWT token and then checks if a certain property (`customer_id`) exists in the decoded object. **Options Compared:** The benchmark compares these two approaches: * Basic String Match (using `indexOf()`) * JSON Decoding (using `JSON.parse()`) **Pros and Cons of Each Approach:** 1. **Basic String Match (using `indexOf()`)** * Pros: + Fast and lightweight + Can be implemented with minimal overhead * Cons: + May not work correctly if the token string is malformed or contains unexpected characters + Not suitable for large-scale applications where security is a concern 2. **JSON Decoding (using `JSON.parse()`)** * Pros: + Provides a more secure way to access token data, as it decodes the token into a JavaScript object + Can handle malformed or unexpected characters in the token string * Cons: + More computationally expensive than the basic string match approach + May incur additional overhead due to parsing and decoding the token **Library Used:** The benchmark uses the `JSON` library, which is a built-in JavaScript library that provides functions for working with JSON data. **Special JS Feature/Syntax:** * **JSON.parse()**: This function takes a JSON string as input and returns a JavaScript object. It's used to decode the JWT token. * **atob()**: This function takes a Base64-encoded string as input and returns a binary string. In this benchmark, it's used to extract the payload from the JWT token. **Other Considerations:** When choosing between these approaches, consider the trade-offs between security, performance, and complexity. If security is a top concern, JSON decoding might be a better choice. However, if speed and lightweight implementation are more important, the basic string match approach might be sufficient. **Alternative Approaches:** Other alternatives to these approaches could include: * Using a dedicated JWT library or SDK that provides optimized functions for token validation * Implementing custom parsing logic using regular expressions or other techniques * Using a different data structure or algorithm for token validation
Related benchmarks:
Remove bearer prefix from JWT token
string split vs substring vs substr (first item)
Atob JWT Decode
JWT token Split vs Basic string replace
Comments
Confirm delete:
Do you really want to delete benchmark?