Published: 17th September 2010
DOI: 10.4204/EPTCS.35
ISSN: 2075-2180

EPTCS 35

Proceedings Fourth International Workshop on
Testing, Analysis and Verification of Web Software
Antwerp, Belgium, 21 September 2010

Edited by: Gwen Salaün, Xiang Fu and Sylvain Hallé

Preface
Gwen Salaün, Xiang Fu and Sylvain Hallé
1
Optimizing Computation of Recovery Plans for BPEL Applications
Jocelyn Simmonds, Shoham Ben-David and Marsha Chechik
3
Structural Learning of Attack Vectors for Generating Mutated XSS Attacks
Yi-Hsun Wang, Ching-Hao Mao and Hahn-Ming Lee
15
Preventing SQL Injection through Automatic Query Sanitization with ASSIST
Raymond Mui and Phyllis Frankl
27
Relational Constraint Driven Test Case Synthesis for Web Applications
Xiang Fu
39
Browser-based Analysis of Web Framework Applications
Benjamin Kersten and Michael Goedicke
51
Contracting the Facebook API
Ben Rubinger and Tevfik Bultan
63
Analysis and Verification of Service Interaction Protocols - A Brief Survey
Gwen Salaün
75

Preface

This volume contains the proceedings of TAV-WEB 2010, the 4th International Workshop on Testing, Analysis and Verification of Web Software. TAV-WEB 2010 was held in Antwerp, Belgium on September 21st, 2010 as a satellite event of the 25th IEEE/ACM International Conference on Automated Software Engineering (ASE 2010).

The workshop aims at bringing together researchers from the international software engineering community working in different fields related to the development and analysis of web-based systems. Topics include but are not limited to formal models, techniques, tools, industrial cases, and methodologies on web software development and analysis.

This year, we received ten submissions. Papers underwent a rigorous review process, and received three review reports. After the review process, the international Program Committee of TAV-WEB 2010 decided to select seven papers for presentation during the workshop and inclusion in these proceedings. These papers tackle different issues that are currently central to our community, namely Analysis and Verification of Web Services, Debugging and Run-time Monitoring of Web Applications, and Web Security and Testing.

We would like to thank all the members of the program committee for their great work during the review process:

Luciano Baresi     Politecnico di Milano (Italy)
Tevfik Bultan     UCSB, Santa Barbara (US)
Gregorio Diaz     University of Castilla la Mancha (Spain)
Francisco Duran     University of Malaga (Spain)
Howard Foster     Imperial College, London (UK)
Xiang Fu     Hofstra University (US)
William Halfond     University of Southern California (US)
Sylvain Hallé     Université du Québec à Chicoutimi (Canada)
Yang Liu     National University of Singapore (Singapore)
Tiziana Margaria     University of Potsdam (Germany)
John Mullins     Montreal Polytechnical School (Canada)
Jeff Offutt     George Mason University (US)
Gwen Salaün     Grenoble INP-INRIA-LIG (France)
Marjan Sirjani     Reykjavik University (Iceland)
Sara Sprenkle     Washington & Lee University (US)
Fatiha Zaidi     University of Paris-Sud XI (France)

We also express our gratitude to the external reviewers for their participation during the review process of the submissions, all the authors for submitting papers to the workshop, and the authors who participate in the workshop in Antwerp. All these people contribute to the success of the 2010 edition of TAV-WEB.




Gwen Salaün, Xiang Fu and Sylvain Hallé