A Formal Semantics of the Core DOM in Isabelle/HOL

@article{Brucker2018AFS,
  title={A Formal Semantics of the Core DOM in Isabelle/HOL},
  author={Achim D. Brucker and Michael Herzberg},
  journal={Companion Proceedings of the The Web Conference 2018},
  year={2018}
}
At its core, the Document Object Model (DOM) defines a tree-like data structure for representing documents in general and HTML documents in particular. It is the heart of any modern web browser. Formalizing the key concepts of the DOM is a prerequisite for the formal reasoning over client-side JavaScript programs and for the analysis of security concepts in modern web browsers. We present a formalization of the core DOM, with focus on the node-tree and the operations defined on node-trees, in… 

A Formal Model of the Document Object Model
TLDR: This entry presents a formalization of the core DOM, with focus on the node-tree and the operations defined on node-trees, in Isabelle/HOL, and uses the formalization to verify the functional correctness of the most important functions defined in the DOM standard.

A Formalization of Web Components
While the DOM with shadow trees provides the technical basis for defining web components, the DOM standard neither defines the concept of web components nor specifies the safety properties that web

Formalizing (Web) Standards - An Application of Test and Proof
TLDR: Most popular technologies are based on informal or semi-formal standards that lack a rigid formal semantics, and there might be API specifications and test cases meant to assert the compliance of implementations, but the actual standard is rarely accompanied by a formal model.

A Formally Verified Model of Web Components
TLDR: Shadow trees allow developers to “partition” a DOM instance into parts that should be safely separated, e.
