1 / 141

Flexible, Safe, and Efficient Dynamic Generation of HTML

Flexible, Safe, and Efficient Dynamic Generation of HTML. Claus Brabrand * Anders Møller, Anders Sandholm, and Michael Schwartzbach BRICS , University of Aarhus, Denmark *Visiting IBM Research, Hawthorne, NY, USA. Outline. Introduction Dynamic Documents Type Safety HTML Validation

marva
Télécharger la présentation

Flexible, Safe, and Efficient Dynamic Generation of HTML

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Flexible, Safe, and Efficient Dynamic Generation of HTML Claus Brabrand* Anders Møller, Anders Sandholm, and Michael Schwartzbach BRICS, University of Aarhus, Denmark *Visiting IBM Research, Hawthorne, NY, USA IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  2. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  3. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  4. Interactive (Form-Based) Web Services • Approaches: • Script-Centered • Page-Centered • Session-Centered ”Web servers on which clients can initiate sessions that involve several exchanges of information mediated by HTML forms”. client Internet server IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  5. Script-Centered:Perl/CGI e save e submit restore Web Service e CLIENT INTERNET SERVER IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  6. Page-Centered:PHP, ASP, JSP, ... e save e submit restore Web Service e CLIENT INTERNET SERVER IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  7. Page-Centered “Service code embedded in tags and interpreted by specialized Web server” • Increased level of abstraction: • CGI protocol details abstracted away • Easy to add dynamics to static pages: • Scalability: • Specialized Web server <html><body>Time: <%= Now() %></body></html> <%= Now() %> IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  8. Script- vs. Page-Centered • As the service complexity increases: • Page-Centered  Script-Centered • A lot of HTML is generated by script elements • Interesting duality: • Script-centered: • Default: programming,Escape: printing (print) • Page-centered: • Default: printing,Escape: programming (<%...%>) IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  9. Web Service Both:Fundamental Drawbacks! • Interpretation-based: • Errors at runtime • (Efficiency) • A service = A collection of scripts/pages! • Implicit control-flow: • No input / output correspondence: <input name=”x”> <%= $y %> submit a_script another_script IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  10. Language Requirements! • Compilation-based: • Errors at compile-time • (Efficiency) • A complete service specification • Explicit control-flow: • Statically check input / output correspondence IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  11. Session-Centered:Mawl and <bigwig>! e Web Service suspend x e show x; save restore submit resume y e show y; one process CLIENT INTERNET SERVER IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  12. What is <bigwig>? • A high-level domain-specific programming language for developing interactive Web services. HTML JavaScript Complete Service Specification <bigwig> CGI Scripts HTTP Auth. Java Applets IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  13. A collection ofDomain Specific Languages • C-like core language with • Session-based runtime system • Dynamic documents • Form-field validation • Relational database • Concurrency control • Semantic security • Cryptographic security • Syntactic-level macros IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  14. A collection ofDomain Specific Languages • C-like core language with • Session-based runtime system • Dynamic documents • Form-field validation • Relational database • Concurrency control • Semantic security • Cryptographic security • Syntactic-level macros IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  15. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  16. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  17. Dynamically Generated HTML:Current Problems • Traditionally: • print(...) in Perl/CGI • <% print(...) %> in PHP, ASP, JSP, ... • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  18. Our Solution: HTML documents in <bigwig> • Templates (1st class, higher-ordervalues): • XML fragments with named gaps: • Operations: • plug: for document construction • show: for client interaction <html> Hello <[what]>! </html> IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  19. Plug • Plug:exp<[id=exp] IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  20. Plug • Plug:exp<[id=exp] • Example: html hello = <html>Hello <[what]>!</html>; html world = <html><b>World</b></html>; html h = hello <[what = world]; ...; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  21. Show • Show:showexp; x e suspend showx; resume submit CLIENT INTERNET SERVER IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  22. Show • Show:showexp; • Example: x e suspend showx; resume submit CLIENT INTERNET SERVER html hello = <html>Hello <[what]>!</html>; html world = <html><b>World</b></html>; htmlh = hello <[what = world]; show h; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  23. Show-Receive • Show:showexpreceive[v=f, ...]; x e suspend showx; receive & resume submit f, ... CLIENT INTERNET SERVER IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  24. Show-Receive • Show:showexpreceive[v=f, ...]; • Example: x e suspend showx; receive & resume submit f, ... CLIENT INTERNET SERVER string s; htmlinput = <html> Enter email: <input type=”text” name=”email”> </html>; show input receive[s = email]; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  25. Example: ”Welcome” html greeting = <html> Hello <[who]>, welcome to <[what]>. </html>; html cover = <html> <head><title>Welcome</title></head> <body><[contents]></body> </html>; html h; h = greeting <[who = ”Stranger”]; h = h <[what = <html><b>BRICS</b></html>]; show cover <[contents = h]; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  26. Flexibility: PHP/ASP/JSP • List of results (e.g. “search engine”): • One template with 10,20,30, or 40 hardwiredserver-sidescript elements: • One template with one big ”generate-all”server-side script element: script-centered <% ..1.. %> <% ..2.. %> : ...or... <% ..20.. %> <% for i=1 to N do { ..i.. } %> IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  27. Flexibility:<bigwig> <ul> <li>1 <li>2 : <li>N </ul> • List of results (e.g. “search engine”): IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  28. Flexibility:<bigwig> <ul> <li>1 <li>2 : <li>N </ul> • List of results (e.g. “search engine”): • Two templates: “layout” and “entry”... htmllayout = <html><ul><[items]></ul><html>; html entry = <html><li><[num]><[items]></html>; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  29. Flexibility:<bigwig> <ul> <li>1 <li>2 : <li>N </ul> • List of results (e.g. “search engine”): • Two templates: “layout” and “entry”... • ...and one recursive function: “f” htmllayout = <html><ul><[items]></ul><html>; html entry = <html><li><[num]><[items]></html>; html f(int n) { if (n == 0) returnlayout; return f(n-1) <[items = entry <[num = n]]; } IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  30. Flexibility:<bigwig> <ul> <li>1 <li>2 : <li>27 </ul> • List of results (e.g. “search engine”): • Two templates: “layout” and “entry”... • ...and one recursive function: “f” • Example usage: htmllayout = <html><ul><[items]></ul><html>; html entry = <html><li><[num]><[items]></html>; html f(int n) { if (n == 0) returnlayout; return f(n-1) <[items = entry <[num = n]]; } showf(27); IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  31. Problems? • “DynDoc”: • Templates with named gaps • Plug and show • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  32. Problems? • “DynDoc”: • Templates with named gaps • Plug and show • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  33. Problems? • “DynDoc”: • Templates with named gaps • Plug and show • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  34. Problems? • “DynDoc”: • Templates with named gaps • Plug and show • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  35. Problems? • Problems: • Forces linear document construction • Intermixes programmer/ designer aspects • No input / output correspondence • No static HTML validation • No common fragments caching <input name=”x”> <%= $y %> submit a_script another_script IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  36. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  37. Outline • Introduction • Dynamic Documents • Type Safety • HTML Validation • Caching • Form-Field Validation • Conclusion IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  38. Type Safety(in terms of <bigwig>) • Show/Receive correspondence: • Gap presence: htmld = <html> Enter email: <input type=“text” name=“email”> <html>; showd receive[s = age];  htmlhello = <html>Hello <[what]>!<html>; html world = <html><b>World</b></html>; html h; h = hello <[contents = world];  IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  39. Static Analysis! Apply standard, data-flow analysis techniques, but with highly domain-specific lattices IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  40. A (5 mins) Crash Course on Data-Flow Analysis Claus Brabrand* BRICS, University of Aarhus, Denmark *Visiting IBM Research, Hawthorne, NY, USA IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  41. Data-Flow Analysis “Simulate runtime execution at compile-time using abstract values” • We need 3 things: • A control-flow graph • A lattice • Transfer functions IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  42. Data-Flow Analysis “Simulate runtime execution at compile-time using abstract values” • We need 3 things: • A control-flow graph • A lattice • Transfer functions • Example: “integer constant propagation” IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  43. A Control Flow Graph int x = 1; int x = 1; int y = 3; if (..) { x = x+2; } else { x <-> y; } ...; // x? y? int y = 3;  if-else true false x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  44. A Lattice • Lattice L of abstract values of interestand their relationships (i.e. ordering “”): • Induces least-upper-bound operator: (a.k.a. “join”) for joining information “top” ~ “value unknown at C-T!” ·· -3 -2 -1 0 1 2 3 ·· “bottom” ~ “we haven’t analyzed yet” IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  45. , if n =  m = n L m = , if n =  m = r , o.w. (where r = n + m) Transfer Functions • For simulating statement computation(on abstract envs, ENVL = VAR L  L|VAR|): • Transfer Function: ENVL ENVL • Examples: • E . E[y  3] • E . E[x  E(x) L2] ...where int y = 3; x = x + 2; IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  46. Data-Flow Analysis! int x = 1; int y = 3; if-else x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  47. Data-Flow Analysis! int x = 1; E . E[x  1] int y = 3; E . E[y  3] if-else E . E[x  E(x) 2] E . E[x  E(y), y E(x)] x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  48. Data-Flow Analysis! int x = 1; E . E[x  1] int y = 3; E . E[y  3] if-else E . E[x  E(x) 2] E . E[x  E(y), y E(x)] x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  49. [ , ]  ENVL [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] Data-Flow Analysis! x y int x = 1; E . E[x  1] int y = 3; E . E[y  3] if-else E . E[x  E(x) 2] E . E[x  E(y), y E(x)] x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

  50. [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] [ , ] Data-Flow Analysis! int x = 1; E . E[x  1] [ 1 , ] int y = 3; E . E[y  3] if-else E . E[x  E(x) 2] E . E[x  E(y), y E(x)] x = x+2; x <-> y; ...; // x? y? IBM Research, NY, USA Dynamic Generation of HTML July 13, 2001

More Related