Dynamics of JavaScript

This page chronicles and archives efforts to

The team working on this includes Gregor Richards, Jan Vitek, Francesco Zappa Nardelli, Adam Domurad and alumni Fadi Meawad, Christian Hammer, Brian Burg, and Sylvain Lebresne.

Concrete Types for TypeScript

As our first foray into TypeScript, our ECOOP 2015 paper Concrete Types for TypeScript describes language extensions which allow safe static typing in TypeScript, a system which previously had only unsound types.

More information on the system, StrongScript, can be found at its homepage.

Eval Begone! : Semi-Automated Removal of Eval from JavaScript Programs

As a followup to our study of the uses of eval, we have created a tool that profiles the dynamic usage of eval on any website, and suggests a replacement through a patch. The tool utilizes the JSBench framework.

JSBench: Automatically-Constructed Realistic JavaScript Benchmarks

The paper JSMeter: Comparing the Behavior of JavaScript Benchmarks with Real Web Applications (Web Apps 2010) as well as our own paper An Analysis of the Dynamic Behavior of JavaScript Programs (PLDI 2010) made clear that the current JavaScript benchmarks are poor representatives of real JavaScript programs. As such, we are working on creating more realistic benchmarks from first principles: By distilling benchmarks from real web pages, we hope to create benchmarks which faithfully reproduce the important parts of the original behavior, while also assuring correctness and repeatability.

JSLocker: Security for JavaScript

Providing security guarantees for software systems built out of untrusted components requires the ability to enforce fine-grained access control policies. This is evident in Web 2.0 applications where JavaScript code from different origins is often combined on a single page, leading to well-known vulnerabilities. We are working on a security infrastructure which allows users and content providers to specify access control policies over delimited histories, subsets of JavaScript execution traces, allowing revocation of the history, and reversion to a safe state if a violation is detected.

Use of Eval

We have recently collected extensive data on the use of eval in popular JavaScript programs. The findings will be presented at ECOOP 2011.

Gregor Richards, Christian Hammer, Brian Burg, Jan Vitek : The Eval that Men Do – A Large-scale Study of the Use of Eval in JavaScript Applications. Accepted for publication at ECOOP 2011.

We are currently working on creating a tool that will allow web developers to check if eval on their sites is really needed, and if not, provide alternative solutions.

Dynamic Behavior

Our paper An Analysis of the Dynamic Behavior of JavaScript Programs was published in PLDI 2010. It used the following tools and data:

Previous Work

The slides for Gregor's presentation on the dynamics of JavaScript at STOP 2009 are available: Presentation (4up)


This work is sponsored by a Microsoft Research SEIF award, a fellowship from Mozilla Corporation, and Google.

Photo credits