Gradual typing embedded securely in JavaScript

N. Swamy, C. Fournet, Aseem Rastogi, K. Bhargavan, Juan Chen, Pierre-Yves Strub, G. Bierman
{"title":"Gradual typing embedded securely in JavaScript","authors":"N. Swamy, C. Fournet, Aseem Rastogi, K. Bhargavan, Juan Chen, Pierre-Yves Strub, G. Bierman","doi":"10.1145/2535838.2535889","DOIUrl":null,"url":null,"abstract":"JavaScript's flexible semantics makes writing correct code hard and writing secure code extremely difficult. To address the former problem, various forms of gradual typing have been proposed, such as Closure and TypeScript. However, supporting all common programming idioms is not easy; for example, TypeScript deliberately gives up type soundness for programming convenience. In this paper, we propose a gradual type system and implementation techniques that provide important safety and security guarantees. We present TS# , a gradual type system and source-to-source compiler for JavaScript. In contrast to prior gradual type systems, TS# features full runtime reflection over three kinds of types: (1) simple types for higher-order functions, recursive datatypes and dictionary-based extensible records; (2) the type any, for dynamically type-safe TS# expressions; and (3) the type un, for untrusted, potentially malicious JavaScript contexts in which TS# is embedded. After type-checking, the compiler instruments the program with various checks to ensure the type safety of TS# despite its interactions with arbitrary JavaScript contexts, which are free to use eval, stack walks, prototype customizations, and other offensive features. The proof of our main theorem employs a form of type-preserving compilation, wherein we prove all the runtime invariants of the translation of TS# to JavaScript by showing that translated programs are well-typed in JS# , a previously proposed dependently typed language for proving functional correctness of JavaScript programs. We describe a prototype compiler, a secure runtime, and sample applications for TS#. Our examples illustrate how web security patterns that developers currently program in JavaScript (with much difficulty and still with dubious results) can instead be programmed naturally in TS#, retaining a flavor of idiomatic JavaScript, while providing strong safety guarantees by virtue of typing.","PeriodicalId":20683,"journal":{"name":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","volume":"23 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2014-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"70","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 41st ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2535838.2535889","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 70

Abstract

JavaScript's flexible semantics makes writing correct code hard and writing secure code extremely difficult. To address the former problem, various forms of gradual typing have been proposed, such as Closure and TypeScript. However, supporting all common programming idioms is not easy; for example, TypeScript deliberately gives up type soundness for programming convenience. In this paper, we propose a gradual type system and implementation techniques that provide important safety and security guarantees. We present TS# , a gradual type system and source-to-source compiler for JavaScript. In contrast to prior gradual type systems, TS# features full runtime reflection over three kinds of types: (1) simple types for higher-order functions, recursive datatypes and dictionary-based extensible records; (2) the type any, for dynamically type-safe TS# expressions; and (3) the type un, for untrusted, potentially malicious JavaScript contexts in which TS# is embedded. After type-checking, the compiler instruments the program with various checks to ensure the type safety of TS# despite its interactions with arbitrary JavaScript contexts, which are free to use eval, stack walks, prototype customizations, and other offensive features. The proof of our main theorem employs a form of type-preserving compilation, wherein we prove all the runtime invariants of the translation of TS# to JavaScript by showing that translated programs are well-typed in JS# , a previously proposed dependently typed language for proving functional correctness of JavaScript programs. We describe a prototype compiler, a secure runtime, and sample applications for TS#. Our examples illustrate how web security patterns that developers currently program in JavaScript (with much difficulty and still with dubious results) can instead be programmed naturally in TS#, retaining a flavor of idiomatic JavaScript, while providing strong safety guarantees by virtue of typing.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
在JavaScript中安全嵌入渐进类型
JavaScript灵活的语义使得编写正确的代码变得困难,而编写安全的代码则极其困难。为了解决前一个问题,已经提出了各种形式的渐进式类型,例如Closure和TypeScript。然而,支持所有常见的编程习惯并不容易;例如,TypeScript为了编程方便,故意放弃了类型的稳健性。在本文中,我们提出了一个渐进的类型系统和实现技术,提供了重要的安全和保障。我们介绍了ts#,一个渐变类型系统和JavaScript的源到源编译器。与之前的渐进式类型系统相比,ts#在三种类型上具有完整的运行时反射功能:(1)高阶函数的简单类型、递归数据类型和基于字典的可扩展记录;(2)类型any,用于动态类型安全的ts#表达式;(3)类型un,用于不受信任的,潜在的恶意JavaScript上下文,其中嵌入了ts#。在类型检查之后,编译器用各种检查为程序提供工具,以确保TS#的类型安全,尽管它与任意JavaScript上下文交互,这些上下文可以自由地使用eval、堆栈遍历、原型自定义和其他令人反感的特性。我们的主要定理的证明采用了一种类型保留编译的形式,其中我们证明了TS#到JavaScript翻译的所有运行时不变量,通过显示翻译的程序在JS#中是良好类型的,JS#是一种先前提出的用于证明JavaScript程序功能正确性的依赖类型语言。我们描述了一个原型编译器、一个安全运行时,以及TS#的示例应用程序。我们的例子说明了开发人员目前用JavaScript编写的web安全模式(有很多困难,结果仍然不确定)如何可以在TS#中自然地编程,保留习惯的JavaScript风格,同时通过类型提供强大的安全保证。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Session details: Verified systems Session details: Semantic models 2 Session details: Program analysis 3 Session details: Program analysis 1 Session details: Type system design
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1