Corpus ID: 12120501

Modeling and Reasoning about DOM Events

@inproceedings{Lerner2012ModelingAR,
  title={Modeling and Reasoning about DOM Events},
  author={Benjamin S. Lerner and Matthew J. Carroll and D. P. Kimmel and H. Vallee and S. Krishnamurthi},
  booktitle={WebApps},
  year={2012}
}
Web applications are fundamentally reactive. Code in a web page runs in reaction to events, which are triggered either by external stimuli or by other events. The DOM, which specifies these behaviors, is therefore central to the behavior of web applications. We define the first formal model of event behavior in the DOM, with high fidelity to the DOM specification. Our model is concise and executable, and can therefore be used for testing and verification. We have applied it in several settings…
A Trusted Infrastructure for Symbolic Analysis of Event-Driven Web Applications
TLDR
JaVerT.Click is a symbolic execution tool for JavaScript that, for the first time, supports reasoning about JavaScript programs that use multiple event-related APIs, and is demonstrated by proving both the presence and absence of bugs in real-world JavaScript code.
Static analysis of event-driven Node.js JavaScript applications
TLDR
The event-based call graph is presented, a program representation that can be used to detect bugs related to event handling, and the number of false positives reported by the analysis on a suite of small Node.js applications is manageable.
Information Flow Control for Event Handling and the DOM in Web Browsers
TLDR
This paper builds formal models of both the DOM and the event handling loop of a typical browser, enhances the models with fine-grained taints and checks for IFC, proves the enhancements sound, and tests the ideas through an instrumentation of WebKit, an in-production browser engine.
Combining Form and Function: Static Types for JQuery Programs
TLDR
A novel type system is proposed to statically detect jQuery errors; it extends Typed JavaScript with local structure about the page and with multiplicities about the structure of containers to track precisely which nodes are active in a jQuery object with minimal programmer annotation effort.
Static Analysis of JavaScript Web Applications in the Wild via Practical DOM Modeling (T)
We present SAFEWapp, an open-source static analysis framework for JavaScript web applications. It provides a faithful (partial) model of web application execution environments of various browsers,…
Typed-based verification of Web sandboxes
TLDR
This article presents a type-based approach to verifying Web sandboxes, using a JavaScript type-checker to encode and verify sandboxing properties, and demonstrates it by applying it to the ADsafe Web sandbox, providing a proof of ADsafe's safety.
Battles with False Positives in Static Analysis of JavaScript Web Applications in the Wild
TLDR
This paper collects 30 JavaScript web applications in the wild, analyzes them using SAFE, the state-of-the-art JavaScript static analyzer with bug detection, and investigates false positives in the analysis results, showing that the approach effectively reduces false positives in statically analyzing web applications in the wild.
Search-Based Test Data Generation for JavaScript Functions that Interact with the DOM
TLDR
An empirical evaluation of the JEDI testing framework shows that the genetic with restart algorithm, proposed in this paper, is able to achieve complete branch coverage for all experimental subjects, taking on average 19 seconds per branch.
Analysis of JavaScript Programs
TLDR
This article classifies the client-side JavaScript research for the last decade or so into six topics: static analysis, dynamic analysis, formalization and reasoning, type safety and JIT optimization, security for web applications, and empirical studies.
Higher-order functional reactive programming without spacetime leaks
TLDR
A new language for higher-order reactive programming that generalizes and simplifies prior type systems for reactive programming, and supports an efficient implementation strategy permitting us to eagerly deallocate old values and statically rule out spacetime leaks.

References

SHOWING 1-10 OF 25 REFERENCES
Local Hoare reasoning about DOM
TLDR
This work transfers O'Hearn, Reynolds and Yang's local Hoare reasoning for analysing heaps to XML, viewing XML as an in-place memory store as does DOM, and provides a first step towards a compositional specification of DOM.
Featherweight Firefox: Formalizing the Core of a Web Browser
TLDR
The specification accurately models the asynchronous nature of web browsers and covers the basic aspects of windows, DOM trees, cookies, HTTP requests and responses, user input, and a minimal scripting language with first-class functions, dynamic evaluation, and AJAX requests.
Designing for extensibility and planning for conflict: experiments in web-browser design
TLDR
C3, the "Cloud Computing Client", an implementation of the HTML/CSS/JS platform architected explicitly to support experimentation with extensibility, is presented, and it is claimed that language-specific extension mechanisms are needed for each of HTML, CSS, and JS, and such mechanisms are needed for building useful diagnostic tools to address inter-extension conflicts.
C3: An Experimental, Extensible, Reconfigurable Platform for HTML-based Applications
TLDR
C3 is presented, an implementation of the HTML/CSS/JS platform designed for web-client research and experimentation that explores the role of extensibility throughout the web platform for customization and research efforts, by introducing novel extension points and generalizing existing ones.
Web browsers as operating systems: supporting robust and secure web programs
The World Wide Web has changed significantly since its introduction, facing a shift in its workload from passive web pages to active programs. Current web browsers were not designed for this…
An Operational Semantics for JavaScript
TLDR
A small-step operational semantics for the ECMAScript standard language corresponding to JavaScript is defined, as a basis for analyzing security properties of web applications and mashups, including a soundness theorem and a characterization of the reachable portion of the heap.
Securing Script-Based Extensibility in Web Browsers
TLDR
A taint-based system to track the spread of untrusted data in the browser and to detect the characteristic signatures of privilege escalation attacks is proposed and evaluated by using exploits from the Firefox bug database.
Towards a Formal Foundation of Web Security
TLDR
A formal model of web security based on an abstraction of the web platform is proposed; this model is used to analyze the security of several sample web mechanisms and applications, and identifies three distinct threat models.
Semantics Engineering with PLT Redex
TLDR
This text is the first comprehensive presentation of reduction semantics in one volume and introduces the first reliable and easy-to-use tool set for such forms of semantics, and presents a framework for the formulation of language models as PLT Redex models.
Document Object Model
TLDR
The Document Object Model: Processing Structured Documents will help you flatten your learning curve, standardize programming, reuse code, and reduce development time.