{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:47:24Z","timestamp":1772164044663,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":23,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,22]],"date-time":"2011-10-22T00:00:00Z","timestamp":1319241600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,22]]},"DOI":"10.1145\/2048066.2048145","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T08:23:06Z","timestamp":1319530986000},"page":"1053-1068","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":78,"title":["F4F"],"prefix":"10.1145","author":[{"given":"Manu","family":"Sridharan","sequence":"first","affiliation":[{"name":"IBM T.J. Watson Research Center, Yorktown Heights, NY, USA"}]},{"given":"Shay","family":"Artzi","sequence":"additional","affiliation":[{"name":"IBM T.J. Watson Research Center, Yorktown Heights, NY, USA"}]},{"given":"Marco","family":"Pistoia","sequence":"additional","affiliation":[{"name":"IBM T.J. Watson Research Center, Yorktown Heights, NY, USA"}]},{"given":"Salvatore","family":"Guarnieri","sequence":"additional","affiliation":[{"name":"IBM Software Group, Littleton, MA, USA"}]},{"given":"Omer","family":"Tripp","sequence":"additional","affiliation":[{"name":"IBM Software Group, Littleton, MA, USA"}]},{"given":"Ryan","family":"Berg","sequence":"additional","affiliation":[{"name":"IBM Software Group, Littleton, MA, USA"}]}],"member":"320","published-online":{"date-parts":[[2011,10,22]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/1639950.1640073"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-24730-2_7"},{"key":"e_1_3_2_1_3_1","unstructured":"Java SE Desktop Technologies -- Java Beans. http:\/\/www.oracle.com\/technetwork\/java\/javase\/tech\/index-jsp-138795.htm%l.  Java SE Desktop Technologies -- Java Beans. http:\/\/www.oracle.com\/technetwork\/java\/javase\/tech\/index-jsp-138795.htm%l."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1640089.1640108"},{"key":"e_1_3_2_1_5_1","unstructured":"S. Burbeck. Applications programming in Smalltalk-80: How to use model-view-controller (MVC). http:\/\/st-www.cs.illinois.edu\/users\/smarch\/st-docs\/mvc.html 1992.  S. Burbeck. Applications programming in Smalltalk-80: How to use model-view-controller (MVC). http:\/\/st-www.cs.illinois.edu\/users\/smarch\/st-docs\/mvc.html 1992."},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146238.1146253"},{"key":"e_1_3_2_1_7_1","unstructured":"The Unified Expression Language. http:\/\/java.sun.com\/products\/jsp\/reference\/techart\/unifiedEL.html.  The Unified Expression Language. http:\/\/java.sun.com\/products\/jsp\/reference\/techart\/unifiedEL.html."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2001420.2001442"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-03013-0_3"},{"key":"e_1_3_2_1_10_1","unstructured":"Java EE at a Glance. http:\/\/www.oracle.com\/technetwork\/java\/javaee\/.  Java EE at a Glance. http:\/\/www.oracle.com\/technetwork\/java\/javaee\/."},{"key":"e_1_3_2_1_11_1","unstructured":"JavaServer Pages Technology. http:\/\/java.sun.com\/products\/jsp\/.  JavaServer Pages Technology. http:\/\/java.sun.com\/products\/jsp\/."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1007\/11575467_11"},{"key":"e_1_3_2_1_13_1","volume-title":"Proceedings of the 14th Usenix Security Symposium","author":"Livshits V. B.","year":"2005","unstructured":"V. B. Livshits and M. S. Lam . Finding security errors in Java programs with static analysis . In Proceedings of the 14th Usenix Security Symposium , Aug. 2005 . V. B. Livshits and M. S. Lam. Finding security errors in Java programs with static analysis. In Proceedings of the 14th Usenix Security Symposium, Aug. 2005."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542485"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/292540.292561"},{"key":"e_1_3_2_1_17_1","unstructured":"OWASP. Cross-site scripting. http:\/\/www.owasp.org\/index.php\/Cross-site_Scripting_(XSS). Accessed 16-August-2011.  OWASP. Cross-site scripting. http:\/\/www.owasp.org\/index.php\/Cross-site_Scripting_(XSS). Accessed 16-August-2011."},{"key":"e_1_3_2_1_18_1","volume-title":"USENIX Security Symposium","author":"Shankar U.","year":"2001","unstructured":"U. Shankar , K. Talwar , J. S. Foster , and D. Wagner . Detecting format string vulnerabilities with type qualifiers . In USENIX Security Symposium , 2001 . U. Shankar, K. Talwar, J. S. Foster, and D. Wagner. Detecting format string vulnerabilities with type qualifiers. In USENIX Security Symposium, 2001."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2001420.2001441"},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1542476.1542486"},{"key":"e_1_3_2_1_21_1","volume-title":"Proceedings of CASCON","author":"Vall\u00e9e-Rai R.","year":"1999","unstructured":"R. Vall\u00e9e-Rai , L. Hendren , V. Sundaresan , P. Lam , E. Gagnon , and P. Co . Soot - a Java optimization framework . In Proceedings of CASCON , 1999 . R. Vall\u00e9e-Rai, L. Hendren, V. Sundaresan, P. Lam, E. Gagnon, and P. Co. Soot - a Java optimization framework. In Proceedings of CASCON, 1999."},{"key":"e_1_3_2_1_22_1","unstructured":"T.J. Watson Libraries for Analysis (WALA). http:\/\/wala.sourceforge.net.  T.J. Watson Libraries for Analysis (WALA). http:\/\/wala.sourceforge.net."},{"key":"e_1_3_2_1_23_1","unstructured":"Wikipedia. Comparison of web application frameworks. http:\/\/en.wikipedia.org\/wiki\/Comparison_of_web_application_frameworks. Accessed 16-August-2011.  Wikipedia. Comparison of web application frameworks. http:\/\/en.wikipedia.org\/wiki\/Comparison_of_web_application_frameworks. Accessed 16-August-2011."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1146238.1146260"}],"event":{"name":"SPLASH '11: Conference on Systems, Programming, and Applications: Software for Humanity","location":"Portland Oregon USA","acronym":"SPLASH '11","sponsor":["SIGPLAN ACM Special Interest Group on Programming Languages"]},"container-title":["Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2048066.2048145","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2048066.2048145","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T05:48:32Z","timestamp":1750225712000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2048066.2048145"}},"subtitle":["taint analysis of framework-based web applications"],"short-title":[],"issued":{"date-parts":[[2011,10,22]]},"references-count":23,"alternative-id":["10.1145\/2048066.2048145","10.1145\/2048066"],"URL":"https:\/\/doi.org\/10.1145\/2048066.2048145","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/2076021.2048145","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2011,10,22]]},"assertion":[{"value":"2011-10-22","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}