Combining Form and Function: Static Types for JQuery Programs

The jQuery library defines a powerful query language for web applications' scripts to interact with Web page content. This language is exposed as jQuery's api, which is implemented to fail silently so that incorrect queries will not cause the program to halt. Since the correctness of a query depends on the structure of a page, discrepancies between the page's actual structure and what the query expects will also result in failure, but with no error traces to indicate where the mismatch occurred. This work proposes a novel type system to statically detect jQuery errors. The type system extends Typed JavaScript with local structure about the page and with multiplicities about the structure of containers. Together, these two extensions allow us to track precisely which nodes are active in a jQuery object, with minimal programmer annotation effort. We evaluate this work by applying it to sample real-world jQuery programs.

[1]  Shriram Krishnamurthi,et al.  Modeling and Reasoning about DOM Events , 2012, WebApps.

[2]  Andrew D. Gordon,et al.  Verified Reference Implementations of WS-Security Protocols , 2006, WS-FM.

[3]  Joe Gibbs Politz,et al.  Semantics and Types for Objects with First-Class Member Names , 2012 .

[4]  Shriram Krishnamurthi,et al.  The Essence of JavaScript , 2010, ECOOP.

[5]  Andreas Abel Polarized Subtyping for Sized Types , 2006, CSR.

[6]  Sam Tobin-Hochstadt,et al.  The design and implementation of typed scheme , 2008, POPL '08.

[7]  Joe Gibbs Politz,et al.  A tested semantics for getters, setters, and eval in JavaScript , 2012, DLS.

[8]  Scott Boag,et al.  XQuery 1.0 : An XML Query Language , 2007 .

[9]  Martin Sulzmann,et al.  A Type-Safe Embedding of XDuce into ML , 2006, ML.

[10]  James Cheney Scrap your nameplate: (functional pearl) , 2005, ICFP '05.

[11]  Theo D'Hondt ECOOP 2010 - Object-Oriented Programming, 24th European Conference, Maribor, Slovenia, June 21-25, 2010. Proceedings , 2010, ECOOP.

[12]  Brian Campbell,et al.  Amortised Memory Analysis Using the Depth of Data Structures , 2009, ESOP.

[13]  Philippa Gardner,et al.  Local Hoare reasoning about DOM , 2008, PODS.

[14]  Shriram Krishnamurthi,et al.  Typing Local Control and State Using Flow Analysis , 2011, ESOP.

[15]  Giuseppe Castagna,et al.  CDuce: an XML-centric general-purpose language , 2003, ACM SIGPLAN Notices.

[16]  Benjamin C. Pierce,et al.  Featherweight Firefox: Formalizing the Core of a Web Browser , 2010, WebApps.

[17]  Sam Tobin-Hochstadt,et al.  Typing the Numeric Tower , 2012, PADL.

[18]  Philippa Gardner,et al.  Small Specifications for Tree Update , 2009, WS-FM.

[19]  Dan Grossman,et al.  Designing for extensibility and planning for conflict: experiments in web-browser design , 2011 .

[20]  Andreas Abel Polarised subtyping for sized types , 2008, Math. Struct. Comput. Sci..

[21]  Benjamin C. Pierce,et al.  XDuce: A statically typed XML processing language , 2003, TOIT.

[22]  Simon L. Peyton Jones,et al.  Imperative functional programming , 1993, POPL '93.

[23]  Christoph Zenger,et al.  Indexed Types , 1997, Theoretical Computer Science.

[24]  Giuseppe Castagna,et al.  Error Mining for Regular Expression Patterns , 2005, ICTCS.

[25]  Ankur Taly,et al.  An Operational Semantics for JavaScript , 2008, APLAS.

[26]  Joe Gibbs Politz,et al.  ADsafety: Type-Based Verification of JavaScript Sandboxing , 2011, USENIX Security Symposium.

[27]  Giuseppe Castagna,et al.  CDuce: an XML-centric general-purpose language , 2003, ICFP '03.

[28]  Jonathan Chaffer,et al.  Learning jQuery , 2007 .

[29]  William Webb Regulation - A licence to do (almost) anything you want WILLIAM WEBB DESCRIBES A MORE FLEXIBLE APPROACH TO SPECTRUM LICENSING , 2006 .