An Operational Semantics for JavaScript

Maffeis, Sergio; Mitchell, John C.; Taly, Ankur

doi:10.1007/978-3-540-89330-1_22

Sergio Maffeis²,
John C. Mitchell³ &
Ankur Taly³

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 5356))

Included in the following conference series:

Asian Symposium on Programming Languages and Systems

981 Accesses
71 Citations

Abstract

We define a small-step operational semantics for the ECMAScript standard language corresponding to JavaScript, as a basis for analyzing security properties of web applications and mashups. The semantics is based on the language standard and a number of experiments with different implementations and browsers. Some basic properties of the semantics are proved, including a soundness theorem and a characterization of the reachable portion of the heap.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

AdSafe: Making JavaScript safe for advertising, http://www.adsafe.org/
Google-Caja, A.: source-to-source translator for securing JavaScript-based Web, http://code.google.com/p/google-caja/
Jscript (Windows Script Technologies), http://msdn2.microsoft.com/en-us/library/hbxc2t98.aspx
Rhino: Javascript for Java, http://www.mozilla.org/rhino/
Abadi, M., Cardelli, L.: A Theory of Objects. Springer, Heidelberg (1996)
Book MATH Google Scholar
Adida, B.: BeamAuth: two-factor Web authentication with a bookmark. In: ACM Computer and Communications Security, pp. 48–57 (2007)
Google Scholar
Anderson, C., Giannini, P., Drossopoulou, S.: Towards type inference for JavaScript. In: Black, A.P. (ed.) ECOOP 2005. LNCS, vol. 3586, pp. 428–452. Springer, Heidelberg (2005)
Chapter Google Scholar
Eich, B.: Javascript at ten years, http://www.mozilla.org/js/language/ICFP-Keynote.ppt
Fisher, K., Honsell, F., Mitchell, J.C.: A lambda calculus of objects and method specialization. Nordic J. Computing (formerly BIT) 1, 3–37 (1994)
MathSciNet MATH Google Scholar
Flanagan, D.: JavaScript: The Definitive Guide. O’Reilly, Sebastopol (2006), http://proquest.safaribooksonline.com/0596101996
MATH Google Scholar
Herman, D.: Classic JavaScript, http://www.ccs.neu.edu/home/dherman/javascript/
Herman, D., Flanagan, C.: Status report: specifying JavaScript with ML. In: ML 2007: Proc. Workshop on ML, pp. 47–52 (2007)
Google Scholar
ECMA International. ECMAScript 4, http://www.ecmascript.org
ECMA International. ECMAScript language specification. stardard ECMA-262, 3rd Edition (1999), http://www.ecma-international.org/publications/ECMA-ST/Ecma-262.pdf
Maffeis, S., Mitchell, J., Taly, A.: Complete ECMA 262-3 operational semantics and long version of present paper. Semantics: http://jssec.net/semantics/ Paper: http://jssec.net/semantics/
Mitchell, J.C.: Toward a typed foundation for method specialization and inheritance. In: POPL 1990, pp. 109–124 (1990)
Google Scholar
Mozilla. Spidermonkey (javascript-c) engine, http://www.mozilla.org/js/spidermonkey/
Reis, C., Dunagan, J., Wang, H., Dubrovsky, O., Esmeir, S.: Browsershield: Vulnerability-driven filtering of dynamic HTML. ACM Transactions on the Web 1(3) (2007)
Google Scholar
Siek, J., Taha, W.: Gradual typing for objects. In: Ernst, E. (ed.) ECOOP 2007. LNCS, vol. 4609, pp. 2–27. Springer, Heidelberg (2007)
Chapter Google Scholar
The FaceBook Team. FBJS, http://wiki.developers.facebook.com/index.php/FBJS
Thiemann, P.: Towards a type system for analyzing JavaScript programs. In: Sagiv, M. (ed.) ESOP 2005, vol. 3444, pp. 408–422. Springer, Heidelberg (2005)
Chapter Google Scholar
Thiemann, P.: A type safe DOM api. In: Bierman, G., Koch, C. (eds.) DBPL 2005. LNCS, vol. 3774, pp. 169–183. Springer, Heidelberg (2005)
Chapter Google Scholar
Ungar, D., Smith, R.B.: Self: The power of simplicity. In: Proc. OOPSLA, vol. 22, pp. 227–242 (1987)
Google Scholar
Yu, D., Chander, A., Islam, N., Serikov, I.: JavaScript instrumentation for browser security. In: ACM POPL, pp. 237–249 (2007)
Google Scholar

Download references

Author information

Authors and Affiliations

Department of Computing, Imperial College London, UK
Sergio Maffeis
Department of Computer Science, Stanford University, USA
John C. Mitchell & Ankur Taly

Authors

Sergio Maffeis
View author publications
You can also search for this author in PubMed Google Scholar
John C. Mitchell
View author publications
You can also search for this author in PubMed Google Scholar
Ankur Taly
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Microsoft Research India, 196/36, 2nd Main, Sadashivnagar, 560080, Bangalore, India
G. Ramalingam

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Maffeis, S., Mitchell, J.C., Taly, A. (2008). An Operational Semantics for JavaScript. In: Ramalingam, G. (eds) Programming Languages and Systems. APLAS 2008. Lecture Notes in Computer Science, vol 5356. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-89330-1_22

Download citation

DOI: https://doi.org/10.1007/978-3-540-89330-1_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-89329-5
Online ISBN: 978-3-540-89330-1
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics