Dyn JS

Dynamics of JavaScript

This page is now retired. Information is preserved here for archival purposes.

This project intends to analyze the dynamic behavior of JavaScript programs and its implications on analyses and security. The team working on this has included Gregor Richards, Fadi Meawad, Jan Vitek, Christian Hammer, Brian Burg, and Sylvain Lebresne.

Eval Begone! : Semi-Automated Removal of Eval from JavaScript Programs

As a followup to our study of the uses of eval, we have created a tool that profiles the dynamic usage of eval on any website, and suggests a replacement through a patch. The tool utilizes the JSBench framework.

JSBench: Automatically-Constructed Realistic JavaScript Benchmarks

The paper JSMeter: Comparing the Behavior of JavaScript Benchmarks with Real Web Applications (Web Apps 2010) as well as our own paper An Analysis of the Dynamic Behavior of JavaScript Programs (PLDI 2010) made clear that the current JavaScript benchmarks are poor representatives of real JavaScript programs. As such, we are working on creating more realistic benchmarks from first principles: By distilling benchmarks from real web pages, we hope to create benchmarks which faithfully reproduce the important parts of the original behavior, while also assuring correctness and repeatability.

JSLocker: Security for JavaScript

Providing security guarantees for software systems built out of untrusted components requires the ability to enforce fine-grained access control policies. This is evident in Web 2.0 applications where JavaScript code from different origins is often combined on a single page, leading to well-known vulnerabilities. We are working on a security infrastructure which allows users and content providers to specify access control policies over delimited histories, subsets of JavaScript execution traces, allowing revocation of the history, and reversion to a safe state if a violation is detected.

Use of Eval

We have recently collected extensive data on the use of eval in popular JavaScript programs. The findings will be presented at ECOOP 2011.

Gregor Richards, Christian Hammer, Brian Burg, Jan Vitek : The Eval that Men Do – A Large-scale Study of the Use of Eval in JavaScript Applications. Accepted for publication at ECOOP 2011.

We are currently working on creating a tool that will allow web developers to check if eval on their sites is really needed, and if not, provide alternative solutions.

Dynamic Behavior

Our paper An Analysis of the Dynamic Behavior of JavaScript Programs was published in PLDI 2010. It used the following tools and data:

Previous Work

The slides for Gregor's presentation on the dynamics of JavaScript at STOP 2009 are available: Presentation (4up)


This work is sponsored by a Microsoft Research SEIF award, a fellowship from Mozilla Corporation, and Google.