Automated Checking of Web Application Invocations

Abstract

HTTP based invocations allow web application components to communicate among themselves and build dynamic customized web pages. Invocations are widely used by web applications, but are a common source of errors. Existing techniques are only able to verify limited correctness properties of web application invocations and omit key properties, such as an argument's type and value must match its target parameter's domain. This paper presents the first approach for verifying these correctness properties of web application invocations. An empirical evaluation of the technique shows that it is able to identify, with high precision, over 30% more invocation errors than were previously identified and that the approach has a low analysis runtime cost.