Static Analysis of JavaScript Web Applications in the Wild via Practical DOM Modeling (T)

We present SAFE Wapp , an open-source static analysis framework for JavaScript web applications. It provides a faithful (partial) model of web application execution environments of various browsers, based on empirical data from the main web pages of the 9,465 most popular websites. A main feature of...

Celý popis

Uložené v:
Podrobná bibliografia
Vydané v:2015 30th IEEE/ACM International Conference on Automated Software Engineering (ASE) s. 552 - 562
Hlavní autori: Changhee Park, Sooncheol Won, Joonho Jin, Sukyoung Ryu
Médium: Konferenčný príspevok..
Jazyk:English
Vydavateľské údaje: IEEE 01.11.2015
Predmet:
Analytical models
Browsers
Encyclopedias
HTML
Internet
Web pages
On-line prístup:Získať plný text
Tagy: Pridať tag
Žiadne tagy, Buďte prvý, kto otaguje tento záznam!
Popis
Shrnutí:We present SAFE Wapp , an open-source static analysis framework for JavaScript web applications. It provides a faithful (partial) model of web application execution environments of various browsers, based on empirical data from the main web pages of the 9,465 most popular websites. A main feature of SAFE Wapp is the configurability of DOM tree abstraction levels to allow users to adjust a trade-off between analysis performance and precision depending on their applications. We evaluate SAFEWapp on the 5 most popular JavaScript libraries and the main web pages of the 10 most popular websites in terms of analysis performance, precision, and modeling coverage. Additionally, as an application of SAFE Wapp , we build a bug detector for JavaScript web applications that uses static analysis results from SAFE Wapp . Our bug detector found previously undiscovered bugs including ones from wikipedia.org and amazon.com.
DOI:10.1109/ASE.2015.27