Ajax becomes more and more important for web applications that care about client side user experience. It allows sending requests asynchronously, without blocking clients from continuing execution. Callback functions are only executed upon receiving the responses. While such mechanism makes browsing a smooth experience, it may cause severe problems in the presence of unexpected network latency, due to the non-determinism of asynchronism. In this paper, we demonstrate the possible problems caused by the asynchronism and propose a static program analysis to automatically detect such bugs in web applications. As client side Ajax code is often wrapped in server-side scripts, we also develop a technique that extracts client-side JavaScript code from server-side scripts. We evaluate our technique on a number of real-world web applications. Our results show that it can effectively identify real bugs. We also discuss possible ways to avoid such bugs.
Description
Statically locating web application bugs caused by asynchronous calls
%0 Conference Paper
%1 Zheng:2011:SLW
%A Zheng, Yunhui
%A Bao, Tao
%A Zhang, Xiangyu
%B Proceedings of the 20th International Conference on World Wide Web
%D 2011
%I ACM
%K Analysis Bugs Concurrency JavaScript Static
%P 805--814
%R 10.1145/1963405.1963517
%T Statically Locating Web Application Bugs Caused by Asynchronous Calls
%X Ajax becomes more and more important for web applications that care about client side user experience. It allows sending requests asynchronously, without blocking clients from continuing execution. Callback functions are only executed upon receiving the responses. While such mechanism makes browsing a smooth experience, it may cause severe problems in the presence of unexpected network latency, due to the non-determinism of asynchronism. In this paper, we demonstrate the possible problems caused by the asynchronism and propose a static program analysis to automatically detect such bugs in web applications. As client side Ajax code is often wrapped in server-side scripts, we also develop a technique that extracts client-side JavaScript code from server-side scripts. We evaluate our technique on a number of real-world web applications. Our results show that it can effectively identify real bugs. We also discuss possible ways to avoid such bugs.
%@ 978-1-4503-0632-4
@inproceedings{Zheng:2011:SLW,
abstract = {Ajax becomes more and more important for web applications that care about client side user experience. It allows sending requests asynchronously, without blocking clients from continuing execution. Callback functions are only executed upon receiving the responses. While such mechanism makes browsing a smooth experience, it may cause severe problems in the presence of unexpected network latency, due to the non-determinism of asynchronism. In this paper, we demonstrate the possible problems caused by the asynchronism and propose a static program analysis to automatically detect such bugs in web applications. As client side Ajax code is often wrapped in server-side scripts, we also develop a technique that extracts client-side JavaScript code from server-side scripts. We evaluate our technique on a number of real-world web applications. Our results show that it can effectively identify real bugs. We also discuss possible ways to avoid such bugs.},
added-at = {2017-02-09T16:08:14.000+0100},
author = {Zheng, Yunhui and Bao, Tao and Zhang, Xiangyu},
biburl = {https://www.bibsonomy.org/bibtex/2b2368afb4d04cffd6b754937fc0d63a9/gron},
booktitle = {Proceedings of the 20th International Conference on World Wide Web},
description = {Statically locating web application bugs caused by asynchronous calls},
doi = {10.1145/1963405.1963517},
interhash = {522f507c8f9dcc45fcd3d52e6a1a7b01},
intrahash = {b2368afb4d04cffd6b754937fc0d63a9},
isbn = {978-1-4503-0632-4},
keywords = {Analysis Bugs Concurrency JavaScript Static},
location = {Hyderabad, India},
numpages = {10},
pages = {805--814},
publisher = {ACM},
series = {WWW '11},
timestamp = {2017-02-09T16:08:14.000+0100},
title = {{Statically Locating Web Application Bugs Caused by Asynchronous Calls}},
year = 2011
}