TY - GEN A1 - Welearegai, Gebrehiwet B. A1 - Schlueter, Max A1 - Hammer, Christian T1 - Static security evaluation of an industrial web application T2 - Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing N2 - JavaScript is the most popular programming language for web applications. Static analysis of JavaScript applications is highly challenging due to its dynamic language constructs and event-driven asynchronous executions, which also give rise to many security-related bugs. Several static analysis tools to detect such bugs exist, however, research has not yet reported much on the precision and scalability trade-off of these analyzers. As a further obstacle, JavaScript programs structured in Node. js modules need to be collected for analysis, but existing bundlers are either specific to their respective analysis tools or not particularly suitable for static analysis. KW - JavaScript KW - WALA KW - SAFE KW - comparison Y1 - 2019 SN - 978-1-4503-5933-7 U6 - https://doi.org/10.1145/3297280.3297471 SP - 1952 EP - 1961 PB - Association for Computing Machinery CY - New York ER - TY - JOUR A1 - Steinert, Bastian A1 - Thamsen, Lauritz A1 - Felgentreff, Tim A1 - Hirschfeld, Robert T1 - Object Versioning to Support Recovery Needs Using Proxies to Preserve Previous Development States in Lively JF - ACM SIGPLAN notices N2 - We present object versioning as a generic approach to preserve access to previous development and application states. Version-aware references can manage the modifications made to the target object and record versions as desired. Such references can be provided without modifications to the virtual machine. We used proxies to implement the proposed concepts and demonstrate the Lively Kernel running on top of this object versioning layer. This enables Lively users to undo the effects of direct manipulation and other programming actions. KW - Programming Environments KW - Object Versioning KW - CoExist KW - JavaScript KW - Lively Kernel Y1 - 2015 U6 - https://doi.org/10.1145/2661088.2661093 SN - 0362-1340 SN - 1558-1160 VL - 50 IS - 2 SP - 113 EP - 124 PB - Association for Computing Machinery CY - New York ER - TY - JOUR A1 - Freudenberg, Bert A1 - Ingalls, Dan A1 - Felgentreff, Tim A1 - Pape, Tobias A1 - Hirschfeld, Robert T1 - SqueakJS A Modern and Practical Smalltalk that Runs in Any Browser JF - ACM SIGPLAN notices N2 - We report our experience in implementing SqueakJS, a bitcompatible implementation of Squeak/Smalltalk written in pure JavaScript. SqueakJS runs entirely in theWeb browser with a virtual file system that can be directed to a server or client-side storage. Our implementation is notable for simplicity and performance gained through adaptation to the host object memory and deployment leverage gained through the Lively Web development environment. We present several novel techniques as well as performance measurements for the resulting virtual machine. Much of this experience is potentially relevant to preserving other dynamic language systems and making them available in a browser-based environment. KW - Smalltalk KW - Squeak KW - Web browsers KW - JavaScript Y1 - 2015 U6 - https://doi.org/10.1145/10.1145/2661088.2661100 SN - 0362-1340 SN - 1558-1160 VL - 50 IS - 2 SP - 57 EP - 66 PB - Association for Computing Machinery CY - New York ER -