Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
WWW
2005
ACM
2005
ACM
Static approximation of dynamically generated Web pages
Server-side programming is one of the key technologies that support today's WWW environment. It makes it possible to generate Web pages dynamically according to a user's request and to customize pages for each user. However, the flexibility obtained by server-side programming makes it much harder to guarantee validity and security of dynamically generated pages. To check statically the properties of Web pages generated dynamically by a server-side program, we develop a static program analysis that approximates the string output of a program with a context-free grammar. The approximation obtained by the analyzer can be used to check various properties of a server-side program and the pages it generates. To demonstrate the effectiveness of the analysis, we have implemented a string analyzer for the server-side scripting language PHP. The analyzer is successfully applied to publicly available PHP programs to detect cross-site scripting vulnerabilities and to validate pages they...
Real-time TrafficInternet Technology | Server-side Program | Server-side Programming | Server-side Scripting Language | WWW 2005 |
Related Content
| Added | 22 Nov 2009 |
| Updated | 22 Nov 2009 |
| Type | Conference |
| Year | 2005 |
| Where | WWW |
| Authors | Yasuhiko Minamide |
Comments (0)
Researcher Info
|
