3rd USENIX Conference on Web Application Development (WebApps ’12)

Conference proceedings: Proceedings of the 3rd USENIX Conference on Web Application Development (WebApps ’12)

Boston, MA, USA
June 13, 2012

© 2012 by The USENIX Association
All Rights Reserved

This volume is published as a collective work. Rights to individual papers remain with the author or the author’s employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. Permission is granted to print, primarily for one person’s exclusive use, a single copy of these Proceedings. USENIX acknowledges all trademarks herein.

ISBN 978-931971-94-2

Conference Organizers

Program Chair
Michael Maximilien, IBM Research—Watson

Program Committee
Patrick Chanezon, VMware, Inc.
Christopher Grier, University of California, Berkeley
Robert Johnson, Facebook, Inc.
Emre Kıcıman, Microsoft Research
Raffi Krikorian, Twitter, Inc.
James Mickens, Microsoft Research
Subbu Subramanian, Facebook, Inc.
Samuel Talmadge King, University of Illinois at Urbana-Champaign

The USENIX Association Staff

External Reviewers
David Huang
Ajith Ranabahu

WebApps ’12: 3rd USENIX Conference on Web Application Development

Message from the Program Chair

Wednesday, June 13

11:00–12:30 Papers 1: JavaScript, Social

Modeling and Reasoning about DOM Events
Benjamin S. Lerner, Matthew J. Carroll, Dan P. Kimmel, Hannah Quay-de la Vallee, and Shriram Krishnamurthi, Brown University

Jigsaw: Efficient, Low-effort Mashup Isolation
James Mickens, Microsoft Research; Matthew Finifter, University of California, Berkeley

Social Networks Profile Mapping Using Games
Mohamed Shehab, Moo Nam Ko, and Hakim Touati, University of North Carolina at Charlotte

1:30–3:30 Papers 2: Distributed Systems and Browser Ext

Hybrid Cloud Support for Large Scale Analytics and Web Processing
Navraj Chohan, Anand Gupta, Chris Bunch, Kowshik Prakasam, and Chandra Krintz, University of California, Santa Barbara

Poor Man’s Social Network: Consistently Trade Freshness for Scalability
Zhiwu Xie, Virginia Polytechnic Institute and State University; Jinyang Liu, Howard Hughes Medical Institute; Herbert Van de Sompel, Los Alamos National Laboratory; Johann van Reenen and Ramiro Jordan, University of New Mexico

Executing Web Application Queries on a Partitioned Database
Neha Narula and Robert Morris, MIT CSAIL

Gibraltar: Exposing Hardware Devices to Web Pages Using AJAX
Kaisen Lin, UC San Diego; David Chu, James Mickens, Li Zhuang, and Feng Zhao, Microsoft Research; Jian Qiu, National University of Singapore

5:00–6:15 Demo papers: Client and JavaScript

LIBERATED: A Fully In-Browser Client and Server Web Application Debug and Test Environment
Derrell Lipman, University of Massachusetts Lowell

JavaScript in JavaScript (js.js): Sandboxing Third-Party Scripts
Jeff Terrace, Stephen R. Beard, and Naga Praveen Kumar Katta, Princeton University

Aperator: Making Tweets Enable Actionable Commands on Third Party Web Applications
Peter Zakin, Soumya Sen, and Mung Chiang, Princeton University

Don’t Repeat Yourself: Automatically Synthesizing Client-side Validation Code for Web Applications
Nazari Skrupsky, Maliheh Monshizadeh, Prithvi Bisht, Timothy Hinrichs, V.N. Venkatakrishnan, and Lenore Zuck, University of Illinois at Chicago

Message from the WebApps ’12 Program Chair

Welcome to WebApps ’12, the third annual USENIX Conference on Web Application Development. Our continuing emphasis and mission is ensuring that attendees are exposed to the most interesting new work from both industry and academia.

The seven papers and four short papers presented (of twenty-one submissions received) were subjected to the rigorous review standards for which USENIX conferences are known. All papers received at least three reviews and some received more; each paper got a fair and thorough discussion at the in-person program committee meeting in San Francisco.

I’d like to thank the authors for taking the time to submit a paper, whether it was accepted or not. Preparing a paper is a lot of work, and we are still exploring ways to engage more industrial authors and get best-of-class work from both academia and industry. I also thank the program committee for their efforts in reviewing, especially some of the industrial participants, whose schedules can be particularly hectic and who have limited budgeted time for conference PC participation.

Finally, as always, USENIX’s professional organization makes the logistical aspects of running a program committee a breeze, for which I especially thank Anne Dickison, Casey Henderson, and Jane-Ellen Long, along with the rest of the USENIX staff.

We hope you enjoy this year’s program and are inspired by our prestigious keynote speakers. We welcome your continued participation in USENIX and hope you consider submitting your own work to our workshop next year.

Michael Maximilien, IBM Research, San Jose, CA

Modeling and Reasoning about DOM Events

Benjamin S. Lerner, Matthew J. Carroll, Dan P. Kimmel, Hannah Quay-de la Vallee, Shriram Krishnamurthi
Brown University

Abstract

Web applications are fundamentally reactive. Code in a web page runs in reaction to events, which are triggered either by external stimuli or by other events. The DOM, which specifies these behaviors, is therefore central to the behavior of web applications. We define the first formal model of event behavior in the DOM, with high fidelity to the DOM specification. Our model is concise and executable, and can therefore be used for testing and verification. We have applied it in several settings: to establish some intended meta-properties of the DOM, as an oracle for testing the behavior of browsers (where it found real errors), to demonstrate unwanted interactions between extensions and validate corrections to them, and to examine the impact of a web sandbox. The model composes easily with models of other web components, as a step toward full formal modeling of the web.

1 Introduction

Modern web applications are fluid collections of script and markup that respond and adapt to user interaction. Because their programming model differs from classic desktop applications, the analysis of such programs is still in its infancy. To date, most efforts have focused on individual portions in isolation: huge progress has been made in clarifying the semantics of JavaScript [10, 16, 17], in modeling the tree structure of HTML [9], and in understanding the overall behavior of the browser as a runtime environment [2, 5, 14, 15, 18]. But each of these approaches ignores the crucial element of reactivity: web programming is fundamentally event-driven, and employs a powerful mechanism for event propagation. Perhaps counterintuitively, the JavaScript loaded in web applications is largely inert, and only executes when triggered by events dispatching through the HTML structure in which it resides. To paraphrase John Wheeler’s famous dictum, “HTML tells events how to propagate, and events tell HTML how to evolve.”

The ability to model web applications more accurately has widespread appeal. Webapps are large codebases in languages with (currently) poor support for modularity: how can we assure ourselves that a program doesn’t exhibit unintended behaviors? Many webapps include semitrusted or untrusted content such as ads: how can we ensure that a program is robust in the face of the injected content’s activity? And for many web-like applications, foremost among them Firefox or Thunderbird, users avidly install extensions that deliberately and deeply modify the markup and script of the underlying program: what assurance do we have that the composite program will work correctly? Even current tools that do attempt to model both the page structure and the code [3, 4, 6] are hampered by state-space explosion, as without a precise model the potential code paths grow beyond feasibility.

Instead, we propose a simple, executable, testable model of event dispatch in web applications, in the style of λJS [10, 11, 17]. Our model is engineered to hew closely to the structure of the spec [13], to build confidence in the model’s adequacy. For our purposes we abstract JavaScript and model only those APIs dealing with page structure or events; the model is easily extended to include λJS directly. Likewise we represent the page structure as a simple tree in a heap; again the model can be extended with a richer tree representation [9] for further precision.

Contributions

This paper makes the following concrete contributions:

1. A short, executable, and testable model of event dispatch (Section 4.2). Writing such a model clarifies potential sources of confusion in the spec itself, provides an oracle against which implementations can be tested, and provides a foundation for future program analyses. As a case in point, systematically testing small examples in our model revealed discrepant behavior
