OOPSLA '87 Conference proceedings on Object-oriented programming systems, languages and applications
Toward a typed foundation for method specialization and inheritance
POPL '90 Proceedings of the 17th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A Theory of Objects
A lambda calculus of objects and method specialization
Nordic Journal of Computing
JavaScript instrumentation for browser security
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JavaScript: The Definitive Guide
JavaScript: The Definitive Guide
BrowserShield: Vulnerability-driven filtering of dynamic HTML
ACM Transactions on the Web (TWEB)
Status report: specifying javascript with ML
ML '07 Proceedings of the 2007 workshop on Workshop on ML
Beamauth: two-factor web authentication with a bookmark
Proceedings of the 14th ACM conference on Computer and communications security
ECOOP '07 Proceedings of the 21st European conference on ECOOP 2007: Object-Oriented Programming
DBPL'05 Proceedings of the 10th international conference on Database Programming Languages
Towards a type system for analyzing javascript programs
ESOP'05 Proceedings of the 14th European conference on Programming Languages and Systems
Towards type inference for javascript
ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming
Retaining sandbox containment despite bugs in privileged memory-safe code
Proceedings of the 17th ACM conference on Computer and communications security
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
VEX: vetting browser extensions for security vulnerabilities
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Vetting browser extensions for security vulnerabilities with VEX
Communications of the ACM
Modeling the HTML DOM and browser API in static analysis of JavaScript web applications
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
ADsafety: type-based verification of JavaScript Sandboxing
SEC'11 Proceedings of the 20th USENIX conference on Security
Towards a program logic for JavaScript
POPL '12 Proceedings of the 39th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Reasoning about Web Applications: An Operational Semantics for HOP
ACM Transactions on Programming Languages and Systems (TOPLAS)
Modeling and reasoning about DOM events
WebApps'12 Proceedings of the 3rd USENIX conference on Web Application Development
Efficient runtime policy enforcement using counterexample-guided abstraction refinement
CAV'12 Proceedings of the 24th international conference on Computer Aided Verification
Enhancing javascript with transactions
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
Correlation tracking for points-to analysis of javascript
ECOOP'12 Proceedings of the 26th European conference on Object-Oriented Programming
A tested semantics for getters, setters, and eval in JavaScript
Proceedings of the 8th symposium on Dynamic languages
Dependent types for JavaScript
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Eval begone!: semi-automated removal of eval from javascript programs
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Formal specification of a JavaScript module system
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Fully abstract compilation to JavaScript
POPL '13 Proceedings of the 40th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Lightweight compilation of (c)lp to javascript*
Theory and Practice of Logic Programming
All about the with statement in JavaScript: removing with statements in JavaScript applications
Proceedings of the 9th symposium on Dynamic languages
Combining form and function: static types for JQuery programs
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
A trusted mechanised JavaScript specification
Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages
| Hi-index | 0.02 |
We define a small-step operational semantics for the ECMAScript standard language corresponding to JavaScript, as a basis for analyzing security properties of web applications and mashups. The semantics is based on the language standard and a number of experiments with different implementations and browsers. Some basic properties of the semantics are proved, including a soundness theorem and a characterization of the reachable portion of the heap.