Programming and Verifying Interactive Web Applications
Shriram Krishnamurthi
Brown University
Server-side Web applications have grown increasingly common, sometimes
even replacing brick and mortar as the principal interface of
corporations. Correspondingly, Web browsers grow ever more powerful,
empowering users to attach bookmarks, switch between pages, clone
windows, and so forth. As a result, Web interactions are not
straight-line dialogs but complex nets of interaction steps.
In practice, programmers are unaware of or are unable to handle these
nets of interaction, making the Web interfaces of even major
organizations buggy and thus unreliable. Even when programmers do
address these constraints, the resulting programs have a seemingly
mangled structure, making them difficult to develop and hard to
maintain.
These problems are compounded by the need for the robust management of
data. Depending on context, both the availability and security of
data become paramount. This creates problems of access control, whose
policies can themselves be quite subtle and difficult to author
correctly.
In this talk, I will discuss these problems and describe solutions to
them. Most of this work has been done in the context of the PLT
Scheme Web server and the Continue conference management application.