Static validation of dynamically generated HTML
PASTE '01 Proceedings of the 2001 ACM SIGPLAN-SIGSOFT workshop on Program analysis for software tools and engineering
Analysis and testing of Web applications
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
Static Checking of Dynamically Generated Queries in Database Applications
Proceedings of the 26th International Conference on Software Engineering
Testing web database applications
ACM SIGSOFT Software Engineering Notes
Verifying Interactive Web Programs
Proceedings of the 19th IEEE international conference on Automated software engineering
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
Verifiable Web Services with Hierarchical Interfaces
ICWS '05 Proceedings of the IEEE International Conference on Web Services
Helping End-Users "Engineer" Dependable Web Applications
ISSRE '05 Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering
Using positive tainting and syntax-aware evaluation to counter SQL injection attacks
Proceedings of the 14th ACM SIGSOFT international symposium on Foundations of software engineering
Modeling Interactions of Web Software
WWV '06 Proceedings of the 2nd Int'l. Workshop on Automated Specification and Verification of Web Systems
Improving test case generation for web applications using automated interface discovery
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Finding bugs in dynamic web applications
ISSTA '08 Proceedings of the 2008 international symposium on Software testing and analysis
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Models for contract conformance
ISoLA'04 Proceedings of the First international conference on Leveraging Applications of Formal Methods
Web application modeling for testing and analysis
Proceedings of the 2008 Foundations of Software Engineering Doctoral Symposium
Isolation points: Creating performance-robust enterprise systems
ACM Transactions on Autonomous and Adaptive Systems (TAAS)
Precise interface identification to improve testing and analysis of web applications
Proceedings of the eighteenth international symposium on Software testing and analysis
Locating need-to-translate constant strings in web applications
Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering
Static detection of access control vulnerabilities in web applications
SEC'11 Proceedings of the 20th USENIX conference on Security
Domain and value checking of web application invocation arguments
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Automated web application testing using search based software engineering
ASE '11 Proceedings of the 2011 26th IEEE/ACM International Conference on Automated Software Engineering
Automated detection of client-state manipulation vulnerabilities
Proceedings of the 34th International Conference on Software Engineering
Automating presentation changes in dynamic web applications via collaborative hybrid analysis
Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering
An automated analysis methodology to detect inconsistencies in web services with WSDL interfaces
Software Testing, Verification & Reliability
Identifying message flow in distributed event-based systems
Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering
| Hi-index | 0.01 |
Quality assurance techniques for web applications have become increasingly important as web applications have gained in popularity and become an essential part of our daily lives. To integrate content and data from multiple sources, the components of a web application communicate extensively among themselves. Unlike traditional program modules, the components communicate through interfaces and invocations that are not explicitly declared. Because of this, the communication between two components can fail due to a parameter mismatch between the interface invoked by a calling component and the interface provided by the called component. Parameter mismatches can cause serious errors in the web application and are difficult to identify using traditional testing and verification techniques. To address this problem, we propose a static-analysis based approach for identifying parameter mismatches. We also present an empirical evaluation of the approach, which we performed on a set of real web applications. The results of the evaluation are promising; our approach discovered 133 parameter mismatches in the subject applications.