Modeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications

Research output: Contribution to book/anthology/report/proceedingArticle in proceedingsResearchpeer-review

  • Department of Computer Science

Developers of JavaScript web applications have little tool support for catching errors early in development. In comparison, an abundance of tools exist for statically typed languages, including sophisticated integrated development environments and specialized static analyses. Transferring such technologies to the domain of JavaScript web applications is challenging. In this paper, we discuss the challenges, which include the dynamic aspects of JavaScript and the complex interactions between JavaScript, HTML, and the browser. From this, we present the first static analysis that is capable of reasoning about the flow of control and data in modern JavaScript applications that interact with the HTML DOM and browser API.

One application of such a static analysis is to detect type-related and dataflow-related programming errors. We report on experiments with a range of modern web applications, including Chrome Experiments and IE Test Drive applications, to measure the precision and performance of the technique. The experiments indicate that the analysis is able to show absence of errors related to missing object properties and to identify dead and unreachable code. By measuring the precision of the types inferred for object properties, the analysis is precise enough to show that most expressions have unique types. By also producing precise call graphs, the analysis additionally shows that most invocations in the programs are monomorphic. We furthermore study the usefulness of the analysis to detect spelling errors in the code. Despite the encouraging results, not all problems are solved and some of the experiments indicate a potential for improvement, which allows us to identify central remaining challenges and outline directions for future work.
Original languageEnglish
Title of host publicationProceedings of the 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering. ESEC/FSE '11
Number of pages11
PublisherAssociation for Computing Machinery
Publication year2011
Pages59-69
ISBN (print)978-1-4503-0443-6
DOIs
Publication statusPublished - 2011
EventJoint 19th ACM SIGSOFT symposium and 13th European conference on Foundations of software - Szeged, Hungary
Duration: 5 Sep 20119 Sep 2011

Conference

ConferenceJoint 19th ACM SIGSOFT symposium and 13th European conference on Foundations of software
LandHungary
BySzeged
Periode05/09/201109/09/2011

See relations at Aarhus University Citationformats

ID: 38513216