Analysis and testing of Web applications
ICSE '01 Proceedings of the 23rd International Conference on Software Engineering
GUI Ripping: Reverse Engineering of Graphical User Interfaces for Testing
WCRE '03 Proceedings of the 10th Working Conference on Reverse Engineering
Formal Framework for Automated Analysis and Verification of Web-Based Applications
Proceedings of the 19th IEEE international conference on Automated software engineering
Verifying Interactive Web Programs
Proceedings of the 19th IEEE international conference on Automated software engineering
A system for specification and verification of interactive, data-driven web applications
Proceedings of the 2006 ACM SIGMOD international conference on Management of data
Improving test case generation for web applications using automated interface discovery
Proceedings of the the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering
Automatic Extraction and Verification of Page Transitions in aWeb Application
APSEC '07 Proceedings of the 14th Asia-Pacific Software Engineering Conference
Efficient symbolic execution of strings for validating web applications
Proceedings of the 2nd International Workshop on Defects in Large Software Systems: Held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2009)
Precise interface identification to improve testing and analysis of web applications
Proceedings of the eighteenth international symposium on Software testing and analysis
Proceedings of the IEEE/ACM international conference on Automated software engineering
SideAuto: quantitative information flow for side-channel leakage in web applications
Proceedings of the 12th ACM workshop on Workshop on privacy in the electronic society
Hi-index | 0.00 |
With web applications in high demand, one cannot underestimate the importance of their quality assurance process. Web applications are open event-driven systems that take sequences of user events and produce changes in the user interface or the underlying application. Web applications are difficult to test because the set of possible sequences of user inputs allowed by the interface of a web application can be very large. Software model checking techniques can be effective for validating such applications but they only work for closed systems. In this paper, we present an approach for closing web applications with a driver that contains two parts: (1) the application-specific Page Transition Graph (PTG), which encodes the application's possible pages, user and server events, their corresponding event-handlers, and user data and (2) the application-independent PTG-based driver, which generates test sequences that can be executed with analysis tools such as Java PathFinder (JPF). The first part can be automatically extracted from the implementation of a web application and the second part is written once and reused across multiple web applications belonging to the same framework. We implemented our approach in a driver generator that automatically extracts PTG models from implementation of JSP-based web applications, checks the extracted PTGs for navigation inconsistencies, and enables JPF analysis. We evaluated our approach on ten open-source and industrial web applications and present the detected errors.