Presentation is loading. Please wait.

Presentation is loading. Please wait.

Shuai Wang, Wensheng Dou, Chushu Gao, Jun Wei, Tao Huang

Published byきみとし やたけ Modified over 5 years ago

Similar presentations

Presentation on theme: "Shuai Wang, Wensheng Dou, Chushu Gao, Jun Wei, Tao Huang"— Presentation transcript:

1 Shuai Wang, Wensheng Dou, Chushu Gao, Jun Wei, Tao Huang
Discovering User-Defined Event Handlers in Presence of JavaScript Libraries Shuai Wang, Wensheng Dou, Chushu Gao, Jun Wei, Tao Huang Institute of Software Chinese Academy of Sciences 2018/11/8

2 Background – Web Applications
Multiple languages HTML JavaScript Event-driven HTML <div id=“parent”> <div id=“child”></div> </div> JavaScript var parent = document.getElementById(‘parent’); parent.addEventListener(‘click’, clickDIV); View HTML is used to define structure and data of web pages JavaScript is used to define process logic When we click on the div element, the clickDIV function will be invoked parent clickDIV child

3 Background – JavaScript Libraries
JavaScript libraries are widely used in web client side development jQuery : 74% Prototype : 5.1% MooTools : 5.5% script.aculo.us : 4.4% Yahoo User Interface : 4.2% …… Top million web sites Almost all the web applications are built on JavaScript libraries We list the most popular libraries here, such as jQuery, prototype and so on.

4 Motivation – Running Example
The entry of a search engine JavaScript for event registration Then we use a simple example to illustrate the motivation of our work. It provides two functionalities. We can submit a search request by clicking on the popular keyword, or typing our own search keyword and clicking the search button. The functionalities are registered by the two lines of JavaScript code. getById('submit').addEventListener(‘click’, search); $(document).on('click', '.keyword', searchKeyword);

5 Motivation – Running Example
The entry of a search engine JavaScript for event registration click input#submit Chrome Developer Tools search The first line of JavaScript code registers a function search on the search button as its click event handler. It registers the event handler by calling a standard DOM API, addEventListener If we search for event handlers registered by this code via some developer tools, such as Chrome Developer Tools, we will find there is a click event handler, registered on a input element whose id is submit, and the event handler is search getById('submit').addEventListener(‘click’, search); $(document).on('click', '.keyword', searchKeyword); standard DOM API

6 Motivation – Running Example
The entry of a search engine JavaScript for event registration click input#submit Chrome Developer Tools search Now we can see that, this consists with the parameters passed to this expression. getById('submit').addEventListener(‘click’, search); $(document).on('click', '.keyword', searchKeyword);

7 Motivation – Running Example
The entry of a search engine JavaScript for event registration click document Chrome Developer Tools anonymous function Now let’s go to the second line. It registers a function searchKeyword to all popular keywords, as their click event handlers. Different to the first line, this line uses a jQuery API, called on. When we search for event handlers registered by this code, we will find a click event handler registered on the document, and the event handler is a anonymous function Here, the anonymous function is defined by jQuery. getById('submit').addEventListener(‘click’, search); $(document).on('click', '.keyword', searchKeyword); jQuery API

8 Motivation – Running Example
The entry of a search engine JavaScript for event registration click document Chrome Developer Tools anonymous function It’s obviously different with parameters used in this code. The code registers searchKeyword, but the tools tells us a anonymous function. We call it, the user-defined event handlers are hidden by libraries. getById('submit').addEventListener(‘click’, search); $(document).on('click', '.keyword', searchKeyword); Hidden by jQuery!

9 Goal Discover user-defined event handlers in presence of JavaScript libraries JavaScript for event registration $(document).on('click', '.keyword', searchKeyword); Event type : click DOM element : div.keyword Event handler : searchKeyword Event type : click DOM element : document Event handler : anonymous function So, our goal is, to Discover user-defined event handlers in presence of JavaScript libraries For event registration code using library API, we should identify the user-defined event handlers, rather than library-defined event handlers.

10 Main Idea Key Insight Dynamic Analysis
User-defined event handlers act as same as standard event handlers Dynamic Analysis Identify user-defined event handlers out of all executed functions. Executed functions User-defined event handlers dispatch(e); fix(e); filter(e); searchKeyword(); submit(); …… searchKeyword(); Our key insight is, user-defined event handlers act just as same as standard event handlers So, we use dynamic analysis, analysis all the executed functions, and identify user-defined event handlers out of them.

11 Standard Event Model Event registration phase Event handling phase
Passed as a parameter Never invoked during registration handler child.addEventListener(‘click’, handler); trigger child event handler click child Next, let’s see the similarities and differences between standard and user-defined event handlers. Firstly, the standard event handlers. The standard event handlers are defined in standard event model. In the standard event model, the lifecycle of event handlers can be divided into two phases, the event registration phase, and the event handling phase. In event registration phase, we can register event handlers on DOM elements. In this example, we register the function handler on the element child as its click event handler. During this phase, the handler is passed as a parameter to the function call addEventListener, and it’s never invoked during the execution of addEventListener. Then in the event handling phase, when we click on the element child, the event handler will be triggered, and the function handler will be invoked, with a parameter mouseEvent. Here, the parameter MouseEvent is of DOMEvent type, this is specified by the standard. And this function is invoked by browsers. handler(mouseEvent); mouseEvent Invoked by Browsers DOMEvent Type

12 DOM Event Delegation Model
Event registration phase Event handling phase Passed as a parameter Never invoked during registration handler $(parent).on(‘click’, ‘child’, handler); // jQuery trigger parent dispatcher invoke child click child event handler Secondly, let’s see the DOM event delegation model. Similarly, the lifecycle of event handlers can be divided into two phases, the event registration phase, and the event handling phase. In event registration phase, we can still register event handlers on DOM elements. Here, the code using jQuery implements the same function as before, but it registers different event handlers. It registers an dispatcher function on the element parent, rather than registers the user-defined function hand on the element child. Similarly, the handler is passed as a parameter to the function call on, and it’s never invoked during the execution of on. Then in the event handling phase, it’s quite different. when we click on the element child, the event fires on child, and propagates to parent, then triggers dispatcher, and then the dispatcher invokes the final event handler, with a parameter mouseEvent. Here, the parameter MouseEvent is of Event type defined by jQuery, and the function is invoked by jQuery. So we can find the differences include the parameter type and the invocation relationship. handler(mouseEvent); mouseEvent Invoked by fixed expressions defined in libraries Differences jQuery.Event Type

13 Registration Analysis
Overview Registration Analysis Parameter Analysis Invocation <html> <head> <title>Web . </head> <body> …… </body> </html> Instrumented Web Page Event 1: click div.keyword searchKeyword Report Redundancy Reduction Our approach is inspired by these analysis. Our approach receives an instrumented web page as input, and performs registration analysis, parameter analysis and invocation analysis on the given page. Then we get an initial result, which may contain a lot of redundancies. Then we perform redundancy reduction on the initial result, and generate the final report. Next, we will explain these steps in detail.

14 Registration Analysis
Functions passed as parameters to another function calls, and never invoked during those function calls JavaScript code $(document).on(‘click’, ‘.keyword’, searchKeyword); on : function(type, selector, handler) { …… handlers.push( {selector: selector, handler: handler }); } Firstly, Registration analysis. In this step, we try to find functions that are passed as parameters to another function calls, and never invoked during those function calls. It consists of two constraints. I’ll show the process using the following code. Firstly, the registration code is executing.

15 Registration Analysis
Functions passed as a parameter to another function call, and never invoked during that function call JavaScript code searchKeyword Passed as a parameter Never invoked $(document).on(‘click’, ‘.keyword’, searchKeyword); on : function(type, selector, handler) { …… handlers.push( {selector: selector, handler: handler }); } Passed as a parameter Then, we find the third parameter, searchKeyword is a function, it satisfies the first constraint, passed as a parameter.

16 Registration Analysis
Functions passed as a parameter to another function call, and never invoked during that function call JavaScript code searchKeyword Passed as a parameter Never invoked $(document).on(‘click’, ‘.keyword’, searchKeyword); on : function(type, selector, handler) { …… handlers.push( {selector: selector, handler: handler }); } Never invoked handler Candidate handler Then the execution continues. When function on is executing, we find that the passed function, handler, is never invoked, so the second constraint, never invoked, is satisfied. So we say, the searchKeyword is a candidate of user-defined event handler.

17 Check only type info doesn’t work
Parameter Analysis Functions receiving an event-type parameter Click Event handler(e) trigger Standard DOM API e : MouseEvent jQuery API e : jQuery.Event Next, the Parameter analysis. In this step, we try to find functions that are invoked receiving an event-type parameter. Because libraries may defined their own event type, so we can’t determine whether an object is of event type by only checking their type info. Check only type info doesn’t work

18 Parameter Analysis Functions receiving an event-type parameter
Click Event handler(e) trigger Standard DOM API e : MouseEvent { altKey, bubbles, button, cancelBubble, cancelable, charCode, clientX, clientY, ctrlKey, … } jQuery API e : jQuery.Event However, when we go through the properties of library defined event type { altKey, bubbles, button, cancelable, clientX, clientY, ctrlKey, data, …… }

19 Parameter Analysis Candidate
Functions receiving an event-type parameter Click Event handler(e) trigger Candidate Standard DOM API e : MouseEvent { altKey, bubbles, button, cancelBubble, cancelable, charCode, clientX, clientY, ctrlKey, data, … } jQuery API e : jQuery.Event We can find that they are quite similar with the properties of standard events. So we use property similarity to illustrate whether a parameter is event type. In this example, the handler function registered by jQuery is identified as a candidate. { altKey, bubbles, button, cancelBubble, cancelable, charCode, clientX, clientY, ctrlKey, data, … }

20 √ ╳ Invocation Analysis Candidate
Multiple functions invoked by the same callsite expression CallSites Functions function click() { } handler.apply() Candidate function search() { } add(i); function add(v) { } Thirdly, the invocation analysis. We find libraries always invoke user-defined event handlers via fixed expression. When there are more than 1 user-defined event handlers, it will form a one-to-many invocation relationship. This is the constraint of this step. Such as, in jQuery, it uses handler.apply to invoke user-defined event handlers. In one case, it will invoke the click function, and in the other case, it will invoke the search function. While the add function call, it always invoke the add function. Here, the handler apply forms a one-to-two invocation relationship, which satisfies our constraint, while the other doesn’t. So we identify the click and search functions as candidates.

21 Redundancy Reduction A user-defined event handler can be identified as being registered on the child elements HTML View <div id=“parent”> <div id=“child”></div> </div> parent clickDIV child clickDIV JavaScript $(document).on(‘click’, ‘parent’, clickDIV); Then we get 3 candidate sets. We merge the 3 sets and get the initial result. However, this initial result may contain a lot of redundancy. This is because event propagation of DOM events, a user-defined event handler can be identified as being registered on the child elements. For example, here we register a event handler clickDIV on the div element parent. If we click parent, clickDIV will be triggered, so we identify it as an event handler of parent. Then if we click child, the event propagates to parent and triggers clickDIV too, so we identify clickDIV as an event handler of child too. click parent clickDIV clickDIV parent click child clickDIV clickDIV child

22 Redundancy Reduction A user-defined event handler can be identified as being registered on the child elements HTML View <div id=“parent”> <div id=“child”></div> </div> parent clickDIV child clickDIV JavaScript $(document).on(‘click’, ‘parent’, clickDIV); However, according to the code, we register clickDIV on parent only So clickDIV registered on child is a redundancy. click parent clickDIV clickDIV parent click child clickDIV clickDIV child Redundancy

23 Discard the same event handlers identified on child elements
Redundancy Reduction A user-defined event handler can be identified as being registered on the child elements HTML View <div id=“parent”> <div id=“child”></div> </div> parent clickDIV child clickDIV JavaScript $(document).on(‘click’, ‘parent’, clickDIV); To reduce this redundancy, our approach just discard the same event handlers identified on child elements. Here, we discard clickDIV on child. Discard the same event handlers identified on child elements

24 Evaluation RQ1: Is our approach accurate in detecting user-defined event handlers? (accuracy) RQ2: How quickly can our approach perform the user-defined event handler detection analysis? (efficiency) RQ3: What is the effect of our approach on detecting user-defined event handlers? (effect) Then our approach is finished. We try to evaluate our approach by the following 3 aspects:

25 Evaluation Subjects 7 real-world web applications from Alexa Benchmark
Library No. DOM Elements Lines of JavaScript Code jQuery 261 8,278 4,473 36,291 549 27,733 Prototype 640 18,248 YUI 3,056 1,973 39,636 645 19,355 We selected 7 real-world web applications from Alexa topsites. These web applications are built on different libraries, and of different scales. We run our prototype tool on the home page of these web applications, and check the generated result manually.

26 RQ1: Accuracy Total : precision 100%, recall 99.8% Benchmark
No. Actual User-Defined Event Handlers No. Found User-Defined Event Handlers No. Correct User-Defined Event Handlers Precision Recall 9 100% 199 2 6 235 ww.zoominfo.com 1 - 0% Total 458 457 99.8% For the 1st research question, the result shows that our approach gained an overall precision of 100% and recall of 99.8%.

27 RQ2: Efficiency Time : 1.1 s ~ 566.4 s Benchmark Library
No. DOM Elements Lines of JavaScript Code Time(s) jQuery 261 8,278 4.8 4,473 36,291 154.9 549 27,733 22.2 Prototype 640 18,248 14.1 YUI 3,056 1.1 1,973 39,636 566.4 645 19,355 38.6 And for the 2nd research question, our approach finished the analysis from 1 point 1 seconds to 5 hundreds and sixty six point four seconds. We believe this efficiency is acceptable.

28 No. User-Defined Event Handlers (NH) No. User-Defined Functions (NU)
RQ3: Effect User-defined event handlers: 133 / 5,299, total 2.5% Benchmark No. User-Defined Event Handlers (NH) No. User-Defined Functions (NU) NH/NU 9 166 7.8% 28 1,480 1.9% 2 1,065 0.2% 6 363 1.7% 42 14.3% 82 2,233 2.7% - Total 133 5,299 2.5% And for the last research question, we try to measure the effect of our approach by counting how many user-defined event handlers are filtered out of all user-defined functions. The result shows that there are 1 hundred and thirty three user-defined event handlers out of total five thousands 2 hundreds and ninety nine user-defined functions. Or we can say, only 2 point 5 percent of user-defined event functions are event handlers.

29 Conclusion 100 % 99.8 % $(document).on('click', '.keyword', searchKeyword); anonymous function parent child event dispatcher handler trigger invoke Finally, in conclusion Firstly, We identified the problem of error detection of user-defined event handler in presence of JavaScript libraries. And then we analysis the characters of standard event model and DOM event delegation model, and introduce our approach in detecting user-defined event handlers. And finally we evaluated our approach, and the result that our approach is effective, with an very high precision and recall.

30 Questions? Thank you!

Download ppt "Shuai Wang, Wensheng Dou, Chushu Gao, Jun Wei, Tao Huang"

Similar presentations

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?

WEB DESIGN TABLES, PAGE LAYOUT AND FORMS. Page Layout Page Layout is an important part of web design Why do you think your page layout is important?
Events Part III The event object. Learning Objectives By the end of this lecture, you should be able to: – Learn to use the hover() function – Work with.

Events Part III The event object. Learning Objectives By the end of this lecture, you should be able to: – Learn to use the hover() function – Work with.
Lesson 12- Unit L Programming Web Pages with JavaScript.

Lesson 12- Unit L Programming Web Pages with JavaScript.
Event Handling. Overview How to listen (and not listen) for events Creating a utility library (and why you should) Typology of events Pairing event listeners.

Event Handling. Overview How to listen (and not listen) for events Creating a utility library (and why you should) Typology of events Pairing event listeners.
The Web Warrior Guide to Web Design Technologies

The Web Warrior Guide to Web Design Technologies
1 / 28 Modeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications ESEC/FSE 2011 Anders Møller, Magnus Madsen and Simon Holm.

1 / 28 Modeling the HTML DOM and Browser API in Static Analysis of JavaScript Web Applications ESEC/FSE 2011 Anders Møller, Magnus Madsen and Simon Holm.
An Empirical Study on the Rewritability of the with Statement in JavaScript Changhee Park (Joint work with Hongki Lee and Sukyoung Ryu) KAIST October.

An Empirical Study on the Rewritability of the with Statement in JavaScript Changhee Park (Joint work with Hongki Lee and Sukyoung Ryu) KAIST October.
1 Using jQuery JavaScript & jQuery the missing manual (Second Edition)

1 Using jQuery JavaScript & jQuery the missing manual (Second Edition)
CST 200 - JavaScript Validating Form Data with JavaScript.

CST JavaScript Validating Form Data with JavaScript.
JavaScript and The Document Object Model MMIS 656 Web Design Technologies Acknowledgements: 1.Notes from David Shrader, NSU GSCIS 2.Some material adapted.

JavaScript and The Document Object Model MMIS 656 Web Design Technologies Acknowledgements: 1.Notes from David Shrader, NSU GSCIS 2.Some material adapted.
A Scalable Application Architecture for composing News Portals on the Internet Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta Famagusta.

A Scalable Application Architecture for composing News Portals on the Internet Serpil TOK, Zeki BAYRAM. Eastern MediterraneanUniversity Famagusta Famagusta.
JavaScript & jQuery the missing manual Chapter 11

JavaScript & jQuery the missing manual Chapter 11
JQuery 10/21. Today jQuery Some cool tools around the web JavaScript Libraries Drawing libraries HTML Frameworks Conventions.

JQuery 10/21. Today jQuery Some cool tools around the web JavaScript Libraries Drawing libraries HTML Frameworks Conventions.
Execution Environment for JavaScript Java Script Window object represents the window in which the browser displays documents. The Window object provides.

Execution Environment for JavaScript " Java Script Window object represents the window in which the browser displays documents. " The Window object provides.
Chapter 5 JavaScript and HTML Documents. © 2006 Pearson Addison-Wesley. All rights reserved. 5-2 5.1 JavaScript Execution Environment - The JavaScript.

Chapter 5 JavaScript and HTML Documents. © 2006 Pearson Addison-Wesley. All rights reserved JavaScript Execution Environment - The JavaScript.
INTRODUCTION TO JAVASCRIPT AND DOM Internet Engineering Spring 2012.

INTRODUCTION TO JAVASCRIPT AND DOM Internet Engineering Spring 2012.
INTRODUCTION TO HTML5 Using jQuery with HTML5. Introducing jQuery  Although it is not a part of any W3C or WHATWG specification, jQuery performs an important.

INTRODUCTION TO HTML5 Using jQuery with HTML5. Introducing jQuery  Although it is not a part of any W3C or WHATWG specification, jQuery performs an important.
Events DOM Event Model. HTML Events on + event name attribute value is javascript javascript runs 1st return false to STOP browser event (if any)

Events DOM Event Model. HTML Events "on" + event name attribute value is javascript javascript runs 1st return false to STOP browser event (if any)
Internet & World Wide Web How to Program, 5/e. ©1992-2012 by Pearson Education, Inc. All Rights Reserved.

Internet & World Wide Web How to Program, 5/e. © by Pearson Education, Inc. All Rights Reserved.
Review of the DOM Node properties and methods Some ways of accessing nodes Appending, copying and removing nodes Event handling – Inline – Scripting –

Review of the DOM Node properties and methods Some ways of accessing nodes Appending, copying and removing nodes Event handling – Inline – Scripting –

Similar presentations

Ads by Google