Static Analysis of JavaScript Web Applications in the Wild via Practical DOM Modeling (T)

We present SAFE_Wapp, an open-source static analysis framework for JavaScript web applications. It provides a faithful (partial) model of web application execution environments of various browsers, based on empirical data from the main web pages of the 9,465 most popular websites. A main feature of SAFE_Wapp is the configurability of DOM tree abstraction levels to allow users to adjust a trade-off between analysis performance and precision depending on their applications. We evaluate SAFEWapp on the 5 most popular JavaScript libraries and the main web pages of the 10 most popular websites in terms of analysis performance, precision, and modeling coverage. Additionally, as an application of SAFE_Wapp, we build a bug detector for JavaScript web applications that uses static analysis results from SAFE_Wapp. Our bug detector found previously undiscovered bugs including ones from wikipedia.org and amazon.com.