ePrints@IIScePrints@IISc Home | About | Browse | Latest Additions | Advanced Search | Contact | Help

Testing and analysis of web applications using page models

Athaiya, Snigdha and Komondoor, Raghavan (2017) Testing and analysis of web applications using page models. In: 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2017, 10 - 14 July 2017, Santa Barbara, pp. 181-191.

[img] PDF
ISSTA2017_ACM SIGSOFT_181-191_2017 .pdf - Published Version
Restricted to Registered users only
Download (265kB) | Request a copy
Official URL: https://doi.org/10.1145/3092703.3092734

Abstract

Web applications are difficult to analyze using code-based tools because data-flow and control-flow through the application occurs via both server-side code and client-side pages. Client-side pages are typically specified in a scripting language that is different from the main server-side language; moreover, the pages are generated dynamically from the scripts. To address these issues we propose a static-analysis approach that automatically constructs a ``model'' of each page in a given application. A page model is a code fragment in the same language as the server-side code, which faithfully over-approximates the possible elements of the page as well as the control-flows and data-flows due to these elements. The server-side code in conjunction with the page models then becomes a standard (non-web) program, thus amenable to analysis using standard code-based tools. We have implemented our approach in the context of J2EE applications. We demonstrate the versatility and usefulness of our approach by applying three standard analysis tools on the resultant programs from our approach: a concolic-execution based model checker (JPF), a dynamic fault localization tool (Zoltar), and a static slicer (Wala).

Item Type: Conference Paper
Publisher: Association for Computing Machinery, Inc
Additional Information: The copyright for this article belongs to the Association for Computing Machinery, Inc.
Keywords: JSP; Static Analysis; Web Applications
Department/Centre: Division of Electrical Sciences > Computer Science & Automation
Date Deposited: 14 Jun 2022 06:10
Last Modified: 14 Jun 2022 06:10
URI: https://eprints.iisc.ac.in/id/eprint/73476

Actions (login required)

View Item View Item
Powered by EPrints A service from The J.R.D. Tata Memorial Library Indian Institute of Science, Bengaluru-560012, India