The revised report on the syntactic theories of sequential control and state
Theoretical Computer Science
Local Hoare reasoning about DOM
Proceedings of the twenty-seventh ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
An Operational Semantics for JavaScript
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Web browsers as operating systems: supporting robust and secure web programs
Web browsers as operating systems: supporting robust and secure web programs
Semantics Engineering with PLT Redex
Semantics Engineering with PLT Redex
Towards a Formal Foundation of Web Security
CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Featherweight Firefox: formalizing the core of a web browser
WebApps'10 Proceedings of the 2010 USENIX conference on Web application development
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
VEX: vetting browser extensions for security vulnerabilities
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Securing script-based extensibility in web browsers
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Typing local control and state using flow analysis
ESOP'11/ETAPS'11 Proceedings of the 20th European conference on Programming languages and systems: part of the joint European conferences on theory and practice of software
C3: an experimental, extensible, reconfigurable platform for HTML-based applications
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
ADsafety: type-based verification of JavaScript Sandboxing
SEC'11 Proceedings of the 20th USENIX conference on Security
Designing for extensibility and planning for conflict: experiments in web-browser design
Designing for extensibility and planning for conflict: experiments in web-browser design
Higher-order functional reactive programming without spacetime leaks
Proceedings of the 18th ACM SIGPLAN international conference on Functional programming
Combining form and function: static types for JQuery programs
ECOOP'13 Proceedings of the 27th European conference on Object-Oriented Programming
Hi-index | 0.00 |
Web applications are fundamentally reactive. Code in a web page runs in reaction to events, which are triggered either by external stimuli or by other events. The DOM, which specifies these behaviors, is therefore central to the behavior of web applications. We define the first formal model of event behavior in the DOM, with high fidelity to the DOM specification. Our model is concise and executable, and can therefore be used for testing and verification. We have applied it in several settings: to establish some intended meta-properties of the DOM, as an oracle for testing the behavior of browsers (where it found real errors), to demonstrate unwanted interactions between extensions and validate corrections to them, and to examine the impact of a web sandbox. The model composes easily with models of other web components, as a step toward full formal modeling of the web.