Athaiya, Snigdha (2017) Inferring page models for web application analysis. In: 26th ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2017, 10 - 14 July 2017, Santa Barbara, pp. 412-415.
![]() |
PDF
ISSTA2017_ACM SIGSOFT_412-415_2017 .pdf - Published Version Restricted to Registered users only Download (491kB) | Request a copy |
Abstract
Web applications are difficult to analyze using code-based tools because data-flow and control-flow through the application occurs via both server-side code and client-side pages. Client-side pages are typically specified in a scripting language that is different from the main server-side language; moreover, the pages are generated dynamically from the scripts. To address these issues we propose a static-analysis approach that automatically constructs a "model" of each page in a given application. A page model is a code fragment in the same language as the server-side code, which faithfully over-approximates the possible elements of the page as well as the control-flows and data-flows due to these elements. The server-side code in conjunction with the page models then becomes a standard (non-web) program, thus amenable to analysis using standard code-based tools.
Item Type: | Conference Paper |
---|---|
Publisher: | Association for Computing Machinery, Inc |
Additional Information: | The copyright for this article belongs to the Association for Computing Machinery, Inc. |
Keywords: | JavaScript; JSP; Static Analysis; Web Applications |
Department/Centre: | Division of Electrical Sciences > Computer Science & Automation |
Date Deposited: | 14 Jun 2022 06:35 |
Last Modified: | 14 Jun 2022 06:35 |
URI: | https://eprints.iisc.ac.in/id/eprint/73477 |
Actions (login required)
![]() |
View Item |