Journal of Frontiers of Computer Science and Technology ›› 2018, Vol. 12 ›› Issue (1): 101-111.DOI: 10.3778/j.issn.1673-9418.1609037

Previous Articles     Next Articles

Detecting Asynchronous Request Sequence Problems in Web Applications

JI Huabin, SHANG Ying, LI Zheng+   

  1. College of Information Science & Technology, Beijing University of Chemical Technology, Beijing 100029, China
  • Online:2018-01-01 Published:2018-01-09

Web应用程序异步请求时序问题检测

吉华斌,尚  颖,李  征+   

  1. 北京化工大学 信息科学与技术学院,北京 100029

Abstract: AJAX (asynchronous JavaScript and XML) has been widely adopted in Web applications, which achieves asynchronous interaction. In an AJAX process, improper code design and network delays may lead to data errors and asynchronous faults. Static and dynamic approaches have been proposed to detect such faults, however a fact is ignored, i.e., the return data of an asynchronous operation may contain events that can further trigger asynchronous request and result in asynchronous faults. In this paper, based on dynamic approaches, the complete return data of asynchronous request from the server side is acquired via the URL parameter whose return data contain event operation, in which the events are abstracted. The possible asynchronous faults are analyzed between two return event operations or between one of them and original asynchronous request, which is defined as the asynchronous request sequence problems. Then the asynchronous request interleaving graph is constituted to detect asynchronous request errors by the connected relationship of the graph. Based on the proposed approach, a tool prototype is established for automated testing asynchronous request in Web applications. Five case applications and five open source Web applications are selected for experiments. By controlling the verify network conditions, the results show that the proposed approach is effective for detecting the asynchronous request faults. Moreover, compared with previous methods, it even can detect more Web application errors.

Key words: Web application detection, asynchronous request sequence, interleaving graph

摘要: AJAX(asynchronous JavaScript and XML)技术广泛应用于Web应用程序,实现了异步发送请求。在异步请求过程中,由于程序代码设计不合理和网络延迟等原因,会引发异步请求错误。目前的研究提出了静态和动态的分析方法检测AJAX错误,然而忽略了返回数据中包含可能存在事件操作的异步请求,同样可以引发异步请求错误。在动态分析技术的基础上,通过URL参数从服务器端获取完整的返回数据并解析其中的事件操作,分析事件操作之间或与原有的异步请求之间可能引发的问题,并将此类问题定义为异步请求时序问题;然后将两者一起构成异步请求交错图,通过图的连通关系检测可能发生的异步请求错误;最后在此基础上提出了一个完整的工具原型,用于自动化检测Web应用程序中的异步请求时序问题。利用所提出的方法,针对现有5个特定Web应用程序和5个开源Web应用程序,检测异步请求中的三类问题,并通过控制网络条件进行验证,结果表明了该检测方法的有效性,与之前的方法相比,该方法能够实现更多的Web应用程序问题检测。

关键词: Web应用程序检测, 异步请求时序, 交错图