CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan.

Slides:



Advertisements
Similar presentations
Configuration management
Advertisements

Configuration management
Java Script Session1 INTRODUCTION.
ICS103 Programming in C Lecture 1: Overview of Computers & Programming
Lecture 1: Overview of Computers & Programming
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
Introduction To System Analysis and Design
1 Chapter 12 Working With Access 2000 on the Internet.
1 The SOCK SAGA Ivan Lanese Computer Science Department University of Bologna Italy Joint work with Gianluigi Zavattaro.
Algorithms and Problem Solving-1 Algorithms and Problem Solving.
Algorithms and Problem Solving. Learn about problem solving skills Explore the algorithmic approach for problem solving Learn about algorithm development.
Satzinger, Jackson, and Burd Object-Orieneted Analysis & Design
CS 290C: Formal Models for Web Software Lecture 1: Introduction Instructor: Tevfik Bultan.
1 Software Testing and Quality Assurance Lecture 32 – SWE 205 Course Objective: Basics of Programming Languages & Software Construction Techniques.
CS 290C: Formal Models for Web Software Lecture 6: Model Driven Development for Web Software with WebML Instructor: Tevfik Bultan.
© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.
Application Architectures Vijayan Sugumaran Department of DIS Oakland University.
Lecture 8 Epidemic communication, Server implementation.
1 The World Wide Web. 2  Web Fundamentals  Pages are defined by the Hypertext Markup Language (HTML) and contain text, graphics, audio, video and software.
Computer Science 101 Web Access to Databases Overview of Web Access to Databases.
CGI Programming: Part 1. What is CGI? CGI = Common Gateway Interface Provides a standardized way for web browsers to: –Call programs on a server. –Pass.
Christopher M. Pascucci Basic Structural Concepts of.NET Browser – Server Interaction.
UNIT-V The MVC architecture and Struts Framework.
DAT602 Database Application Development Lecture 15 Java Server Pages Part 1.
This chapter is extracted from Sommerville’s slides. Text book chapter
WEEK 1 CS 361: ADVANCED DATA STRUCTURES AND ALGORITHMS Dong Si Dept. of Computer Science 1.
INTRODUCTION TO WEB DATABASE PROGRAMMING
272: Software Engineering Fall 2012 Instructor: Tevfik Bultan Lecture 17: Code Mining.
Architecture Of ASP.NET. What is ASP?  Server-side scripting technology.  Files containing HTML and scripting code.  Access via HTTP requests.  Scripting.
Aurora: A Conceptual Model for Web-content Adaptation to Support the Universal Accessibility of Web-based Services Anita W. Huang, Neel Sundaresan Presented.
Web Application Architecture and Communication. Displaying a Web page in a Browser
Comp2513 Forms and CGI Server Applications Daniel L. Silver, Ph.D.
Server-side Scripting Powering the webs favourite services.
Managing the development and purchase of information systems (Part 1)
MVC and MVP. References enter.html enter.html
Model View Controller (MVC) Rick Mercer with a wide variety of others 1.
10 Adding Interactivity to a Web Site Section 10.1 Define scripting Summarize interactivity design guidelines Identify scripting languages Compare common.
Design Patterns Phil Smith 28 th November Design Patterns There are many ways to produce content via Servlets and JSPs Understanding the good, the.
Web Programming: Client/Server Applications Server sends the web pages to the client. –built into Visual Studio for development purposes Client displays.
20-753: Fundamentals of Web Programming 1 Lecture 1: Introduction Fundamentals of Web Programming Lecture 1: Introduction.
ASP.NET.. ASP.NET Environment ASP.NET is Microsoft's programming framework that enables the development of Web applications and services. It is an easy.
Chapter 06 (Part I) Functions and an Introduction to Recursion.
Verifying Interactive Web Programs Daniel R. Licata Shriram Krishnamurthi Brown University.
Chapter 6 Server-side Programming: Java Servlets
Cohesion and Coupling CS 4311
Christopher M. Pascucci Basic Structural Concepts of.NET Managing State & Scope.
1 MSCS 237 Overview of web technologies (A specific type of distributed systems)
Java server pages. A JSP file basically contains HTML, but with embedded JSP tags with snippets of Java code inside them. A JSP file basically contains.
The Software Development Process
JS (Java Servlets). Internet evolution [1] The internet Internet started of as a static content dispersal and delivery mechanism, where files residing.
Module: Software Engineering of Web Applications Chapter 2: Technologies 1.
8 Chapter Eight Server-side Scripts. 8 Chapter Objectives Create dynamic Web pages that retrieve and display database data using Active Server Pages Process.
Lecture 4 Mechanisms & Kernel for NOSs. Mechanisms for Network Operating Systems  Network operating systems provide three basic mechanisms that support.
1 Chapter 12 Configuration management This chapter is extracted from Sommerville’s slides. Text book chapter 29 1.
ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.
CMPSC 16 Problem Solving with Computers I Spring 2014 Instructor: Tevfik Bultan Lecture 4: Introduction to C: Control Flow.
World Wide Web has been created to share the text document across the world. In static web pages the requesting user has no ability to interact with the.
PHP: Further Skills 02 By Trevor Adams. Topics covered Persistence What is it? Why do we need it? Basic Persistence Hidden form fields Query strings Cookies.
Chapter 1 Getting Started with ASP.NET Objectives Why ASP? To get familiar with our IDE (Integrated Development Environment ), Visual Studio. Understand.
Managing State Chapter 13.
Algorithms and Problem Solving
Sessions Many interactive Web sites spread user data entry out over several pages: Ex: add items to cart, enter shipping information, enter billing information.
Web Software Model CS 4640 Programming Languages for Web Applications
Whether you decide to use hidden frames or XMLHttp, there are several things you'll need to consider when building an Ajax application. Expanding the role.
Model-View-Controller Patterns and Frameworks
Lecture 1: Multi-tier Architecture Overview
Objectives In this lesson you will learn about: Need for servlets
Sessions Many interactive Web sites spread user data entry out over several pages: Ex: add items to cart, enter shipping information, enter billing information.
Algorithms and Problem Solving
Lecture 5: Functions and Parameters
Presentation transcript:

CS 290C: Formal Models for Web Software Lecture 10: Language Based Modeling and Analysis of Navigation Errors Instructor: Tevfik Bultan

Web Application Modeling So far we have discussed various approaches for modeling, analyzing and verifying web applications We have seen two main approaches: –Model driven development approaches where the application is specified or enhanced using a formal model For example: WebML, navigation state machines –Reverse engineering approaches where a formal model is extracted fro the application For example: Extracting a state machine model for navigation by analyzing the links that are inserted in web pages

Model Driven Development Approach Model driven development approach enables –Specification of the behavior of the application at a high level of abstraction, making it easier to develop applications. –The actual implementation can be automatically or semi- automatically generated from the high level models –Separation of concerns can be achieved by specifying different concerns about the application (such as the data model or the navigation constraints) using different specification mechanisms However, model driven development requires the developers to learn and use the modeling languages There is a concern about the mapping between the actual implementation and model (they have to maintained together)

Reverse Engineering Approach Reverse engineering approaches does not require developers to learn a new specification language Since reverse engineering approaches extract a model directly from the code, there is no maintenance issues (when the application changes, we can extract a new model) However, reverse engineering is hard: –Extracting sound models using static analysis can lead to very approximate models that do not contain much information or can be undecidable for more precise models –Extracting models by observing runtime behavior is not sound and cannot be used to guarantee correctness

How About a Language Based Approach? Both model driven development and reverse engineering approaches can be considered software engineering approaches Another approach would be to use a programming language based approach Can we model the problems that appear in Web applications in programming language terms and possibly suggest solutions using programming language mechanisms (such as type checking)?

A Language Based Approach Today I will discuss the following paper which presents a language based approach for modeling and analyzing navigation problems in Web applications: “Modeling Web Interactions and Errors,” S. Krishnamurthi, R. B. Findler, P. Graunke, and M. Felleisen.

Web Applications A Web program’s execution consists of a series of interactions between a Web browser and a Web server When a browser submits a http request whose URL points to a Web program, the server invokes the program with the request using some protocol –GCI, Java servlets, ASP.NET It then waits from the program to terminate and turns the program’s output into a response that the browser can display, i.e., it returns a Web page. Each such program is called a “script” since they only read some inputs and write some output

Web Applications This simple request-response style programming using scripts makes design of multi-stage Web interactions difficult A multi-stage interactive Web program consists of many scripts each handling one request –These scripts communicate with each other via external media since they must remember the earlier part of the interaction –Forcing scripts to communicate this way causes problems since they lead to unstated and easily violated invariants

Web Applications Use of the Web browser creates further complications –A browser is designed to let a user navigate a web of hyperlinked nodes –When a user uses this power to navigate an interaction with an application many unexpected scenarios can happen User can backtrack to an earlier stage of the interaction User can duplicate a page and generate parallel interactions

A Language Based Approach We will first describe a formal model that captures the essence of Web application behavior Then we will investigate the use of language based techniques to address the navigation problems

A Formal Model A Web application (W) consists of –a server (S) and –a client (C) Server consists of –a storage, and –a dispatcher Dispatcher contains –a table (P) of programs that associates URLs with programs and –an evaluator that applies programs from the table to the submitted form

A Formal Model Every page is simply a form (F) that contains –the URL to which the form is submitted, and –a set of form fields A field name is a value that can be edited by the client The client stores the –the current form and –the sequence of all the forms that have been visited by the client so far (cached pages)

Web Program Behavior The behavior of the Web program is described using three types of actions: –Fill-form: This corresponds to client editing values of fields in the current form. The modified form becomes the current form and is added to the cache –Switch: Makes a form from the cache the current form –Submit: dispatches on the current form’s URL to find a program in the table P. This program accesses the server state and the current form and updates the server state and generates a new form which becomes the current form

A Simple Web Programming Language A simple functional programming language can be specified to characterize the basic operations that are required to write a web application: –Extract a field from a form –Construct a new form –Modify fields of a form To allow stateful programming we can introduce read and write operations that allow read and write access to the server storage

Navigation Problems Two navigation problems can be characterized formally in this model: –Script communication problem: Where a script accepts a different type of form than what is delivered to it. For example, the script tries to access a field that does not exist in the form –HTTP observer problem: Since the http protocol does not allow a proper implementation of the observer pattern (which enables independent observers to be notified of state changes) a page received by the client can become outdated when the MVC model changes in the server.

Script Communication Problem and Types The main issue in script communication problem is type mismatch between the forms generated and consumed by different scripts Since these scripts are loosely coupled programs, there is no standard type checking mechanism that can be used to make sure that these type mismatches do not happen Checking all scripts together is not feasible since they are developed incrementally and may reside on different Web servers and may be written using different programming languages

An Incremental Type System for Web Applications The proposed solution is the following: –When the Web server receives a request for a URL that is not already in its table, it installs the relevant program –Before installing the relevant program it checks that there is no type mismatch with the input form and the installed program (internal consistency check) –Furthermore it generates type constraints that this new installed program imposes on other programs in the server that it interacts (there become external consistency checks) If either the internal or external check fails the program is rejected resulting in an error

A Simple Typed Web Programming Language The simple functional Web programming language can be extended with types by requiring type declarations for function arguments The type system for this language shows how external type checking can be done –While traversing the program, the type system generates a set of type constraints on external programs –Each constraints state a condition such as: a program associated with a particular URL should consume Web forms of a particular type

Solving Script Communication Problem with Type Checking Using type checking with this incremental system it can be guaranteed that –scripts do not get stuck when they are processing appropriately typed forms –Server does not apply the scripts to forms with wrong types

Solving the http observer problem with timestamps Server keeps track of the number of processes submissions (this represent time) The external storage is changed so that it maps locations to values + timestamp for the last write The server also maintains the set of all storage locations read or written during the execution of a script (called a carrier set CS) –When severs sends a page to the consumer, it adds the current time stamp and this set of locations as an extra hidden field

Solving the http observer problem with timestamps A form with carrier set CS and time stamp T submitted to a server is out of date if and only if any of the locations in CS have a timestamp at the server that is greater than T A runtime error can be generated when out of date forms are submitted preventing execution of scripts with out of date data –This approach solves the example problem of booking an unintended flight However, this approach can also generate false positives (for example a page counter value may make the form out of date) –So the programmers must specify which reads or writes are relevant, and an error is generated only when a relevant field is out of date