Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Soot - a Java bytecode optimization framework
CASCON '99 Proceedings of the 1999 conference of the Centre for Advanced Studies on Collaborative research
Extending Java for high-level Web service construction
ACM Transactions on Programming Languages and Systems (TOPLAS)
Static Analysis of XML Transformations in Java
IEEE Transactions on Software Engineering
Static approximation of dynamically generated Web pages
WWW '05 Proceedings of the 14th international conference on World Wide Web
Mining configurable enterprise information systems
Data & Knowledge Engineering
Precise analysis of string expressions
SAS'03 Proceedings of the 10th international conference on Static analysis
XML graphs in program analysis
Proceedings of the 2007 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Sound and precise analysis of web applications for injection vulnerabilities
Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Interprocedural Dataflow Analysis over Weight Domains with Infinite Descending Chains
FOSSACS '09 Proceedings of the 12th International Conference on Foundations of Software Science and Computational Structures: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Abstract Parsing: Static Analysis of Dynamically Generated String Output Using LR-Parsing Technology
SAS '09 Proceedings of the 16th International Symposium on Static Analysis
Complexity results on balanced context-free languages
FOSSACS'07 Proceedings of the 10th international conference on Foundations of software science and computational structures
String analysis as an abstract interpretation
VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation
XML graphs in program analysis
Science of Computer Programming
Static extraction of program configuration options
Proceedings of the 33rd International Conference on Software Engineering
HTML Validation of context-free languages
FOSSACS'11/ETAPS'11 Proceedings of the 14th international conference on Foundations of software science and computational structures: part of the joint European conferences on theory and practice of software
Formal modeling
A practical string analyzer by the widening approach
APLAS'06 Proceedings of the 4th Asian conference on Programming Languages and Systems
Automated detection of client-state manipulation vulnerabilities
Proceedings of the 34th International Conference on Software Engineering
| Hi-index | 0.00 |
We present an approach for statically reasoning about the behavior of Web applications that are developed using Java Servlets and JSP. Specifically, we attack the problems of guaranteeing that all output is well-formed and valid XML and ensuring consistency of XHTML form fields and session state. Our approach builds on a collection of program analysis techniques developed earlier in the JWIG and Xact projects, combined with work on balanced context-free grammars. Together, this provides the necessary foundation concerning reasoning about output streams and application control flow.