期刊名称:Electronic Proceedings in Theoretical Computer Science
电子版ISSN:2075-2180
出版年度:2010
卷号:35
页码:39-50
DOI:10.4204/EPTCS.35.4
出版社:Open Publishing Association
摘要:This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight adaptation, the technique can be used for discovering workflow attacks on web applications.
