Static Analysis for Java Servlets and JSP

We present an approach for statically reasoning about the behavior of Web applications that are developed using Java Servlets and JSP. Specifically, we attack the problems of guaranteeing that all output is well-formed and valid XML and ensuring consistency of XHTML form fields and session state. Our approach builds on a collection of program analysis techniques developed earlier in the JWIG and Xact projects, combined with work on balanced context-free grammars. Together, this provides the necessary foundation concerning reasoning about output streams and application control flow.

[1]  Yasuhiko Minamide,et al.  Static approximation of dynamically generated Web pages , 2005, WWW '05.

[2]  Christian Kirkegaard,et al.  Type Checking with XML Schema in XACT , 2005, PLAN-X.

[3]  Robert Giegerich,et al.  Analyzing Ambiguity of Context-Free Grammars , 2007, CIAA.

[4]  Murali Mani,et al.  Taxonomy of XML schema languages using formal language theory , 2005, TOIT.

[5]  Jean Berstel,et al.  Formal properties of XML grammars and languages , 2000, Acta Informatica.

[6]  Jirí Srba,et al.  Undecidability Results for Bisimilarity on Prefix Rewrite Systems , 2006, FoSSaCS.

[7]  Olivier Danvy,et al.  A Rational Deconstruction of Landin's J Operator , 2005, IFL.

[8]  Aske Simon Christensen,et al.  Extending Java for high-level Web service construction , 2002, TOPL.

[9]  Luca Aceto,et al.  On the Axiomatizability of Priority , 2006, ICALP.

[10]  Alfred V. Aho,et al.  Compilers: Principles, Techniques, and Tools , 1986, Addison-Wesley series in computer science / World student series edition.

[11]  Laurie Hendren,et al.  Soot---a java optimization framework , 1999 .

[12]  Kristian Støvring,et al.  Extending the Extensional Lambda Calculus with Surjective Pairing is Conservative , 2005, Log. Methods Comput. Sci..

[13]  Olivier Danvy,et al.  A syntactic correspondence between context-sensitive calculi and abstract machines , 2005, Theor. Comput. Sci..

[14]  Mark-Jan Nederhof,et al.  Regular Approximation of Context-Free Grammars through Transformation , 2001 .

[15]  Olivier Danvy,et al.  A concrete framework for environment machines , 2005, TOCL.

[16]  Christian Kirkegaard,et al.  Static Analysis for Java Servlets and JSP , 2006 .

[17]  Wil M. P. van der Aalst,et al.  Design and Implementation of the YAWL System , 2004, CAiSE.

[18]  Aske Simon Christensen,et al.  Precise Analysis of String Expressions , 2003, SAS.

[19]  Francisco Curbera,et al.  Web Services Business Process Execution Language Version 2.0 , 2007 .

[20]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[21]  Donald E. Knuth,et al.  A Characterization of Parenthesis Languages , 1967, Inf. Control..

[22]  Derick Wood,et al.  Balanced Context-Free Grammars, Hedge Grammars and Pushdown Caterpillar Automata , 2004, Extreme Markup Languages®.

[23]  Christian Kirkegaard,et al.  Static analysis of XML transformations in Java , 2003, IEEE Transactions on Software Engineering.

[24]  Wil M. P. van der Aalst,et al.  Mining configurable enterprise information systems , 2006, Data Knowl. Eng..

[25]  Mikkel Baun Kjærgaard,et al.  A Formal Model for Context-Awareness , 2006 .