The implementation of the Amsterdam SGML parser
Electronic Publishing—Origination, Dissemination, and Design
The SGML handbook
Introduction To Automata Theory, Languages, And Computation
Introduction To Automata Theory, Languages, And Computation
Soot - a Java bytecode optimization framework
CASCON '99 Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research
Grammar-based analysis of string expressions
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
A Translation from the HTML DTD into a Regular Hedge Grammar
CIAA '08 Proceedings of the 13th international conference on Implementation and Applications of Automata
Abstract Parsing: Static Analysis of Dynamically Generated String Output Using LR-Parsing Technology
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
Static analysis for java servlets and JSP
SAS'06 Proceedings of the 13th international conference on Static Analysis
The design space of type checkers for XML transformation languages
ICDT'05 Proceedings of the 10th international conference on Database Theory
XML validation for context-free grammars
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Automated repair of HTML generation errors in PHP applications using string constraint solving
Proceedings of the 34th International Conference on Software Engineering
Automated detection of client-state manipulation vulnerabilities
Proceedings of the 34th International Conference on Software Engineering
An intersection type system for deterministic pushdown automata
TCS'12 Proceedings of the 7th IFIP TC 1/WG 202 international conference on Theoretical Computer Science
Hi-index | 0.00 |
We present an algorithm that generalizes HTML validation of individual documents to work on context-free sets of documents. Together with a program analysis that soundly approximates the output of Java Servlets and JSP web applications as context-free languages, we obtain a method for statically checking that such web applications never produce invalid HTML at runtime. Experiments with our prototype implementation demonstrate that the approach is useful: On 6 open source web applications consisting of a total of 104 pages, our tool finds 64 errors in less than a second per page, with 0 false positives. It produces detailed error messages that help the programmer locate the sources of the errors. After manually correcting the errors reported by the tool, the soundness of the analysis ensures that no more validity errors exist in the applications.