afp-mirror
/
Core_SC_DOM
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 1 Wiki Activity
Local mirror of the Archive of Formal Proof (AFP) entry "Core_SC_DOM".
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
250 KiB
 
 
 
Branch: main
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'main'
${ noResults }
Core_SC_DOM/CITATION

77 lines
4.3 KiB
Raw Permalink Blame History 

  1. To cite the use of this formal theory, please use

  2. 

  3.   Achim D. Brucker and Michael Herzberg. The Safely Composable DOM. In Archive of

  4.   Formal Proofs, 2020. http://www.isa-afp.org/entries/Core_SC_DOM.html,

  5.   Formal proof development

  6. 

  7. A BibTeX entry for LaTeX users is

  8. 

  9. @Article{         brucker.ea:afp-core-sc-dom:2020,

  10.   author        = {Achim D. Brucker and Michael Herzberg},

  11.   title         = {The Safely Composable {DOM}},

  12.   journal       = {Archive of Formal Proofs},

  13.   month         = sep,

  14.   year          = 2020,

  15.   date          = {2020-09-28},

  16.   note          = {\url{http://www.isa-afp.org/entries/Core_SC_DOM.html}, Formal proof development},

  17.   issn          = {2150-914x},

  18.   abstract      = { In this AFP entry, we formalize the core of the Safely Composable Document Object Model (SC DOM).

  19.                   The SC DOM improve the standard DOM by strengthening the tree boundaries set by shadow roots: in the

  20.                   SC DOM, the shadow root is a sub-class of the document class (instead of a base class).

  21. 

  22.                   This modifications also results in changes to some API methods (e.g., getOwnerDocument) to return the

  23.                   nearest shadow root rather than the document root. As a result, many API methods that, when called on

  24.                   a node inside a shadow tree, would previously ``break out'' and return or modify nodes that are

  25.                   possibly outside the shadow tree, now stay within its boundaries. This change in behavior makes

  26.                   programs that operate on shadow trees more predictable for the developer and allows them to make more

  27.                   assumptions about other code accessing the DOM. },

  28.   public        = {yes},

  29.   classification= {formal},

  30.   categories    = {websecurity},

  31.   pdf           = {http://www.brucker.ch/bibliography/download/2020/brucker.ea-afp-core-sc-dom-2020.pdf},

  32.   filelabel     = {Outline},

  33.   file          = {http://www.brucker.ch/bibliography/download/2020/brucker.ea-afp-core-sc-dom-outline-2020.pdf},

  34.   areas         = {formal methods, security, software engineering},

  35.   url           = {http://www.brucker.ch/bibliography/abstract/brucker.ea-afp-core-sc-dom-2020}

  36. }

  37. 

  38. 

  39. An overview of the formalization is given in:

  40. 

  41.   Achim D. Brucker and Michael Herzberg. A Formal Semantics of the Core DOM 

  42.   in Isabelle/HOL. In The 2018 Web Conference Companion (WWW). Pages 741-749, 

  43.   ACM Press, 2018. doi:10.1145/3184558.3185980

  44. 

  45. A BibTeX entry for LaTeX users is

  46. 

  47. @InProceedings{ brucker.ea:core-dom:2018,

  48. 	abstract = {At its core, the Document Object Model (DOM) defines a tree-like           

  49.                     data structure for representing documents in general and HTML  

  50.                     documents in particular. It forms the heart of any rendering engine 

  51.                     of modern web browsers. Formalizing the key concepts of the DOM is 

  52.                     a pre-requisite for the formal reasoning over client-side JavaScript 

  53.                     programs as well as for the analysis of security concepts in modern 

  54.                     web browsers. In this paper, we present a formalization of the core DOM, 

  55.                     with focus on the node-tree and the operations defined on node-trees, 

  56.                     in Isabelle/HOL. We use the formalization to verify the functional 

  57.                     correctness of the most important functions defined in the DOM standard. 

  58.                     Moreover, our formalization is (1) extensible, i.e., can be extended without 

  59.                     the need of re-proving already proven properties and (2) executable, i.e., 

  60.                     we can generate executable code from our specification.},

  61. 	address	 = {New York, NY, USA},

  62. 	author	 = {Achim D. Brucker and Michael Herzberg},

  63. 	booktitle= {The 2018 Web Conference Companion (WWW)},

  64. 	conf_date= {April 23-27, 2018},

  65. 	doi	 = {10.1145/3184558.3185980},

  66. 	editor	 = {Pierre{-}Antoine Champin and Fabien L. Gandon and Mounia Lalmas and Panagiotis G. Ipeirotis},

  67. 	isbn	 = {978-1-4503-5640-4/18/04},

  68. 	keywords = {Document Object Model, DOM, Formal Semantics, Isabelle/HOL},

  69. 	location = {Lyon, France},

  70. 	pages	 = {741--749},

  71. 	pdf	 = {https://www.brucker.ch/bibliography/download/2018/brucker.ea-core-dom-2018.pdf},

  72. 	publisher= {ACM Press},

  73. 	title	 = {A Formal Semantics of the Core {DOM} in {Isabelle/HOL}},

  74. 	url	 = {https://www.brucker.ch/bibliography/abstract/brucker.ea-core-dom-2018},

  75. 	year	 = {2018},

  76. }