{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T04:14:11Z","timestamp":1750220051572,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":69,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3590342","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"785-796","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["A Honey postMessage, but a Heart of Gall: Exploiting Push Service in Service Workers Via postMessage"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0007-0676-3198","authenticated-orcid":false,"given":"Yeomin","family":"Jeong","sequence":"first","affiliation":[{"name":"Korea University, Korea, South ? Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9984-6879","authenticated-orcid":false,"given":"Woonghee","family":"Lee","sequence":"additional","affiliation":[{"name":"Korea University, Korea, South ? Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4823-4194","authenticated-orcid":false,"given":"Junbeom","family":"Hur","sequence":"additional","affiliation":[{"name":"Korea University, Korea, South ? Republic of Korea"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"unstructured":"RFC 8292.2017. Voluntary Application Server Identification (VAPID) for Web Push. https:\/\/www.rfc-editor.org\/rfc\/rfc8292  RFC 8292.2017. Voluntary Application Server Identification (VAPID) for Web Push. https:\/\/www.rfc-editor.org\/rfc\/rfc8292","key":"e_1_3_2_1_1_1"},{"unstructured":"Acunetix.2001. Types of XSS: Stored XSS Reflected XSS and DOM-based XSS.https:\/\/www.acunetix.com\/websitesecurity\/xss\/  Acunetix.2001. Types of XSS: Stored XSS Reflected XSS and DOM-based XSS.https:\/\/www.acunetix.com\/websitesecurity\/xss\/","key":"e_1_3_2_1_2_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_3_1","DOI":"10.1145\/3427228.3427290"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_4_1","DOI":"10.1145\/3471621.3471845"},{"unstructured":"JavaScript Compressor.2004. Online Javascript compressor.https:\/\/javascriptcompressor.com\/  JavaScript Compressor.2004. Online Javascript compressor.https:\/\/javascriptcompressor.com\/","key":"e_1_3_2_1_5_1"},{"unstructured":"[\n  6\n  ]  Content-Security-Policy. 2013. https:\/\/content-security-policy.com\/  [6] Content-Security-Policy. 2013. https:\/\/content-security-policy.com\/","key":"e_1_3_2_1_6_1"},{"unstructured":"DarkReading.2021. JavaScript Packing Found in More Than 25% of Malicious Sites.https:\/\/www.darkreading.com\/application-security\/javascript-packing-found-in-more-than-25-of-malicious-sites  DarkReading.2021. JavaScript Packing Found in More Than 25% of Malicious Sites.https:\/\/www.darkreading.com\/application-security\/javascript-packing-found-in-more-than-25-of-malicious-sites","key":"e_1_3_2_1_7_1"},{"unstructured":"Chrome Developers.2020. Notification Actions in Chrome 48.https:\/\/developer.chrome.com\/blog\/notification-actions\/  Chrome Developers.2020. Notification Actions in Chrome 48.https:\/\/developer.chrome.com\/blog\/notification-actions\/","key":"e_1_3_2_1_8_1"},{"unstructured":"Google Developers.2015. Push Notifications on the Open Web.https:\/\/developer.chrome.com\/blog\/push-notifications-on-the-open-web\/  Google Developers.2015. Push Notifications on the Open Web.https:\/\/developer.chrome.com\/blog\/push-notifications-on-the-open-web\/","key":"e_1_3_2_1_9_1"},{"unstructured":"Google Developers.2019. Tweaks to cache.addAll() and importScripts() coming in Chrome 71.https:\/\/developers.google.com\/web\/updates\/2018\/10\/tweaks-to-addAll-importScripts  Google Developers.2019. Tweaks to cache.addAll() and importScripts() coming in Chrome 71.https:\/\/developers.google.com\/web\/updates\/2018\/10\/tweaks-to-addAll-importScripts","key":"e_1_3_2_1_10_1"},{"unstructured":"Google Developers.2022. Progressive Web Apps.https:\/\/web.dev\/i18n\/en\/progressive-web-apps\/  Google Developers.2022. Progressive Web Apps.https:\/\/web.dev\/i18n\/en\/progressive-web-apps\/","key":"e_1_3_2_1_11_1"},{"unstructured":"OWASP Foundation.2001. OWASP.https:\/\/owasp.org\/  OWASP Foundation.2001. OWASP.https:\/\/owasp.org\/","key":"e_1_3_2_1_12_1"},{"unstructured":"OpenJS foundation.2015. NodeJs.https:\/\/nodejs.org\/en\/  OpenJS foundation.2015. NodeJs.https:\/\/nodejs.org\/en\/","key":"e_1_3_2_1_13_1"},{"unstructured":"Felix Gerschau.2021. How to communicate with Service Workers.https:\/\/felixgerschau.com\/how-to-communicate-with-service-workers\/  Felix Gerschau.2021. How to communicate with Service Workers.https:\/\/felixgerschau.com\/how-to-communicate-with-service-workers\/","key":"e_1_3_2_1_14_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_15_1","DOI":"10.1016\/j.cose.2018.09.010"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.1145\/2897845.2897901"},{"unstructured":"HackerOne.2005. HackerOne.https:\/\/www.hackerone.com\/  HackerOne.2005. HackerOne.https:\/\/www.hackerone.com\/","key":"e_1_3_2_1_17_1"},{"unstructured":"Isatou Hydara Putra Malaysia Selangor Abu Bakar\u00a0Md Sultan Selangor\u00a0Hazura Zulzalil and Selangor Novia\u00a0Indriaty Admodisastro. [n. d.]. Security Impact of Cross-site Scripting Vulnerabilities on Web Applications and Their Awareness. ([n. d.]).  Isatou Hydara Putra Malaysia Selangor Abu Bakar\u00a0Md Sultan Selangor\u00a0Hazura Zulzalil and Selangor Novia\u00a0Indriaty Admodisastro. [n. d.]. Security Impact of Cross-site Scripting Vulnerabilities on Web Applications and Their Awareness. ([n. d.]).","key":"e_1_3_2_1_18_1"},{"unstructured":"ionic.2021. Service Workers.https:\/\/stenciljs.com\/docs\/service-workers  ionic.2021. Service Workers.https:\/\/stenciljs.com\/docs\/service-workers","key":"e_1_3_2_1_19_1"},{"unstructured":"iZooto.2021. Push Notification APIs Explained.https:\/\/www.izooto.com\/blog\/how-web-push-api-works  iZooto.2021. Push Notification APIs Explained.https:\/\/www.izooto.com\/blog\/how-web-push-api-works","key":"e_1_3_2_1_20_1"},{"unstructured":"JSONPlaceholder.2014. JSON Placeholder.https:\/\/jsonplaceholder.typicode.com\/  JSONPlaceholder.2014. JSON Placeholder.https:\/\/jsonplaceholder.typicode.com\/","key":"e_1_3_2_1_21_1"},{"key":"e_1_3_2_1_22_1","volume-title":"Awakening the Web\u2019s Sleeper Agents: Misusing Service Workers for Privacy Leakage. In Network and Distributed System Security Symposium.","author":"Karami Soroush","year":"2021","unstructured":"Soroush Karami , Panagiotis Ilia , and Jason Polakis . 2021 . Awakening the Web\u2019s Sleeper Agents: Misusing Service Workers for Privacy Leakage. In Network and Distributed System Security Symposium. Soroush Karami, Panagiotis Ilia, and Jason Polakis. 2021. Awakening the Web\u2019s Sleeper Agents: Misusing Service Workers for Privacy Leakage. In Network and Distributed System Security Symposium."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_23_1","DOI":"10.1109\/ICIIP.2015.7414815"},{"key":"e_1_3_2_1_24_1","volume-title":"Thou shalt not depend on me: Analysing the use of outdated javascript libraries on the web. arXiv preprint arXiv:1811.00918","author":"Lauinger Tobias","year":"2018","unstructured":"Tobias Lauinger , Abdelberi Chaabane , Sajjad Arshad , William Robertson , Christo Wilson , and Engin Kirda . 2018. Thou shalt not depend on me: Analysing the use of outdated javascript libraries on the web. arXiv preprint arXiv:1811.00918 ( 2018 ). Tobias Lauinger, Abdelberi Chaabane, Sajjad Arshad, William Robertson, Christo Wilson, and Engin Kirda. 2018. Thou shalt not depend on me: Analysing the use of outdated javascript libraries on the web. arXiv preprint arXiv:1811.00918 (2018)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_25_1","DOI":"10.1145\/3243734.3243867"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_26_1","DOI":"10.1145\/2508859.2516703"},{"unstructured":"mdn\u00a0web docs.2013. Progressive Web App.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Progressive_web_apps\/Introduction  mdn\u00a0web docs.2013. Progressive Web App.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Progressive_web_apps\/Introduction","key":"e_1_3_2_1_27_1"},{"unstructured":"mdn\u00a0web docs.2013. Regular expressions.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/JavaScript\/Guide\/Regular_Expressions  mdn\u00a0web docs.2013. Regular expressions.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/JavaScript\/Guide\/Regular_Expressions","key":"e_1_3_2_1_28_1"},{"unstructured":"mdn\u00a0web docs.2013. X-XSS-Protection.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/HTTP\/Headers\/X-XSS-Protection  mdn\u00a0web docs.2013. X-XSS-Protection.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/HTTP\/Headers\/X-XSS-Protection","key":"e_1_3_2_1_29_1"},{"unstructured":"mdn\u00a0web docs.2015. Client.postMessage.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Client\/postMessage  mdn\u00a0web docs.2015. Client.postMessage.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Client\/postMessage","key":"e_1_3_2_1_30_1"},{"unstructured":"mdn\u00a0web docs.2015. EventTarget.addEventListener().https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/EventTarget\/addEventListenerI  mdn\u00a0web docs.2015. EventTarget.addEventListener().https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/EventTarget\/addEventListenerI","key":"e_1_3_2_1_31_1"},{"unstructured":"mdn\u00a0web docs.2015. Fetch API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Fetch_API  mdn\u00a0web docs.2015. Fetch API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Fetch_API","key":"e_1_3_2_1_32_1"},{"unstructured":"mdn\u00a0web docs.2015. Web Workers API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Web_Workers_API  mdn\u00a0web docs.2015. Web Workers API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Web_Workers_API","key":"e_1_3_2_1_33_1"},{"unstructured":"mdn\u00a0web docs.2017. What\u2019s AJAX?https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Guide\/AJAX\/Getting_Started  mdn\u00a0web docs.2017. What\u2019s AJAX?https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/Guide\/AJAX\/Getting_Started","key":"e_1_3_2_1_34_1"},{"unstructured":"mdn\u00a0web docs.2018. Cross-site scripting (XSS).https:\/\/developer.mozilla.org\/en-US\/docs\/Glossary\/Cross-site_scripting  mdn\u00a0web docs.2018. Cross-site scripting (XSS).https:\/\/developer.mozilla.org\/en-US\/docs\/Glossary\/Cross-site_scripting","key":"e_1_3_2_1_35_1"},{"unstructured":"mdn\u00a0web docs.2018. eval().https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/JavaScript\/Reference\/Global_Objects\/eval  mdn\u00a0web docs.2018. eval().https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/JavaScript\/Reference\/Global_Objects\/eval","key":"e_1_3_2_1_36_1"},{"unstructured":"mdn\u00a0web docs.2018. Function.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/JavaScript\/Reference\/Global_Objects\/Function  mdn\u00a0web docs.2018. Function.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/JavaScript\/Reference\/Global_Objects\/Function","key":"e_1_3_2_1_37_1"},{"unstructured":"mdn\u00a0web docs.2018. ServiceWorkerRegistration.showNotification(). https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/ServiceWorkerRegistration\/showNotification  mdn\u00a0web docs.2018. ServiceWorkerRegistration.showNotification(). https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/ServiceWorkerRegistration\/showNotification","key":"e_1_3_2_1_38_1"},{"unstructured":"mdn\u00a0web docs.2018. Window.postMessage.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Window\/postMessage  mdn\u00a0web docs.2018. Window.postMessage.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Window\/postMessage","key":"e_1_3_2_1_39_1"},{"unstructured":"mdn\u00a0web docs.2018. Worker.postMessage.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/API\/Worker\/postMessage  mdn\u00a0web docs.2018. Worker.postMessage.https:\/\/developer.mozilla.org\/ko\/docs\/Web\/API\/Worker\/postMessage","key":"e_1_3_2_1_40_1"},{"unstructured":"mdn\u00a0web docs.2019. Notification.actions.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Notification\/actions  mdn\u00a0web docs.2019. Notification.actions.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Notification\/actions","key":"e_1_3_2_1_41_1"},{"unstructured":"mdn\u00a0web docs.2022. Notification.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Notification  mdn\u00a0web docs.2022. Notification.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Notification","key":"e_1_3_2_1_42_1"},{"unstructured":"mdn\u00a0web docs.2022. Push API. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Push_API  mdn\u00a0web docs.2022. Push API. https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Push_API","key":"e_1_3_2_1_43_1"},{"key":"e_1_3_2_1_44_1","volume-title":"A brief history of web crawlers. arXiv preprint arXiv:1405.0749","author":"Mirtaheri M","year":"2014","unstructured":"Seyed\u00a0 M Mirtaheri , Mustafa\u00a0Emre Din\u00e7kt\u00fcrk , Salman Hooshmand , Gregor\u00a0 V Bochmann , Guy-Vincent Jourdan , and Iosif\u00a0Viorel Onut . 2014. A brief history of web crawlers. arXiv preprint arXiv:1405.0749 ( 2014 ). Seyed\u00a0M Mirtaheri, Mustafa\u00a0Emre Din\u00e7kt\u00fcrk, Salman Hooshmand, Gregor\u00a0V Bochmann, Guy-Vincent Jourdan, and Iosif\u00a0Viorel Onut. 2014. A brief history of web crawlers. arXiv preprint arXiv:1405.0749 (2014)."},{"unstructured":"Gerard Mondaca. 2022. 36 Phishing Statistics in 2022: Don\u2019t Take the Bait!https:\/\/get.eftsure.com.au\/statistics\/phishing-statistics-2022\/  Gerard Mondaca. 2022. 36 Phishing Statistics in 2022: Don\u2019t Take the Bait!https:\/\/get.eftsure.com.au\/statistics\/phishing-statistics-2022\/","key":"e_1_3_2_1_45_1"},{"unstructured":"Mozilla\u00a0Developer Network.2015. Service Worker API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Service_Worker_API  Mozilla\u00a0Developer Network.2015. Service Worker API.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Service_Worker_API","key":"e_1_3_2_1_46_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_47_1","DOI":"10.1145\/2382196.2382274"},{"unstructured":"OpenBugBounty.2016. OpenBugBounty.https:\/\/www.openbugbounty.org\/  OpenBugBounty.2016. OpenBugBounty.https:\/\/www.openbugbounty.org\/","key":"e_1_3_2_1_48_1"},{"unstructured":"OWASP.2020. Cross Site Scripting (XSS).https:\/\/owasp.org\/www-community\/attacks\/xss\/  OWASP.2020. Cross Site Scripting (XSS).https:\/\/owasp.org\/www-community\/attacks\/xss\/","key":"e_1_3_2_1_49_1"},{"unstructured":"OWASP.2020. Open Web Application Security Project Top 10 Web Application Security Risks.https:\/\/owasp.org\/www-project-top-ten\/  OWASP.2020. Open Web Application Security Project Top 10 Web Application Security Risks.https:\/\/owasp.org\/www-project-top-ten\/","key":"e_1_3_2_1_50_1"},{"unstructured":"OWASP.2021. Code Injection.https:\/\/owasp.org\/www-community\/attacks\/Code_Injection  OWASP.2021. Code Injection.https:\/\/owasp.org\/www-community\/attacks\/Code_Injection","key":"e_1_3_2_1_51_1"},{"key":"e_1_3_2_1_52_1","volume-title":"Master of web puppets: Abusing web browsers for persistent and stealthy computation. arXiv preprint arXiv:1810.00464","author":"Papadopoulos Panagiotis","year":"2018","unstructured":"Panagiotis Papadopoulos , Panagiotis Ilia , Michalis Polychronakis , Evangelos\u00a0 P Markatos , Sotiris Ioannidis , and Giorgos Vasiliadis . 2018. Master of web puppets: Abusing web browsers for persistent and stealthy computation. arXiv preprint arXiv:1810.00464 ( 2018 ). Panagiotis Papadopoulos, Panagiotis Ilia, Michalis Polychronakis, Evangelos\u00a0P Markatos, Sotiris Ioannidis, and Giorgos Vasiliadis. 2018. Master of web puppets: Abusing web browsers for persistent and stealthy computation. arXiv preprint arXiv:1810.00464 (2018)."},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_53_1","DOI":"10.1145\/2786805.2803191"},{"unstructured":"salesforce Company.2007. Heroku.https:\/\/www.heroku.com\/  salesforce Company.2007. Heroku.https:\/\/www.heroku.com\/","key":"e_1_3_2_1_54_1"},{"unstructured":"Selenium.2019. Selenium automates browsers.https:\/\/www.selenium.dev\/  Selenium.2019. Selenium automates browsers.https:\/\/www.selenium.dev\/","key":"e_1_3_2_1_55_1"},{"unstructured":"[\n  56\n  ]  similarweb.com. 2007. https:\/\/www.similarweb.com\/  [56] similarweb.com. 2007. https:\/\/www.similarweb.com\/","key":"e_1_3_2_1_56_1"},{"unstructured":"Socket.IO.2021. What Socket.IO is.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Window\/postMessage  Socket.IO.2021. What Socket.IO is.https:\/\/developer.mozilla.org\/en-US\/docs\/Web\/API\/Window\/postMessage","key":"e_1_3_2_1_57_1"},{"unstructured":"Sooel Son and Vitaly Shmatikov. 2013. The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites.. In NDSS.  Sooel Son and Vitaly Shmatikov. 2013. The Postman Always Rings Twice: Attacking and Defending postMessage in HTML5 Websites.. In NDSS.","key":"e_1_3_2_1_58_1"},{"key":"e_1_3_2_1_59_1","volume-title":"The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. In 2021 IEEE Security and Privacy Workshops (SPW). IEEE, 432\u2013443","author":"Squarcina Marco","year":"2021","unstructured":"Marco Squarcina , Stefano Calzavara , and Matteo Maffei . 2021 . The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. In 2021 IEEE Security and Privacy Workshops (SPW). IEEE, 432\u2013443 . Marco Squarcina, Stefano Calzavara, and Matteo Maffei. 2021. The Remote on the Local: Exacerbating Web Attacks Via Service Workers Caches. In 2021 IEEE Security and Privacy Workshops (SPW). IEEE, 432\u2013443."},{"doi-asserted-by":"crossref","unstructured":"Marius Steffens Christian Rossow Martin Johns and Ben Stock. 2019. Don\u2019t Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild. (2019).  Marius Steffens Christian Rossow Martin Johns and Ben Stock. 2019. Don\u2019t Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild. (2019).","key":"e_1_3_2_1_60_1","DOI":"10.14722\/ndss.2019.23009"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_61_1","DOI":"10.1145\/3372297.3417267"},{"unstructured":"Tranco.2018. Tranco. A Research-Oriented Top Sites Ranking Hardened Against Manipulation.https:\/\/tranco-list.eu\/  Tranco.2018. Tranco. A Research-Oriented Top Sites Ranking Hardened Against Manipulation.https:\/\/tranco-list.eu\/","key":"e_1_3_2_1_62_1"},{"key":"e_1_3_2_1_63_1","volume-title":"Tranco: A research-oriented top sites ranking hardened against manipulation.","author":"van Eeten MJG","year":"2019","unstructured":"MJG van Eeten , C Hernandez\u00a0Ganan , FS G\u00fcrses , RS van Wegberg , SE Parkin , Y Zhauniarovich , SH van Engelenburg , NI Kadenko , K Labunets , U Akyazi , 2019 . Tranco: A research-oriented top sites ranking hardened against manipulation. (2019). MJG van Eeten, C Hernandez\u00a0Ganan, FS G\u00fcrses, RS van Wegberg, SE Parkin, Y Zhauniarovich, SH van Engelenburg, NI Kadenko, K Labunets, U Akyazi, 2019. Tranco: A research-oriented top sites ranking hardened against manipulation. (2019)."},{"unstructured":"Vue.js.2014. Vue.https:\/\/vuejs.org\/  Vue.js.2014. Vue.https:\/\/vuejs.org\/","key":"e_1_3_2_1_64_1"},{"unstructured":"W3Techs.2015. Historical trends in the usage statistics of client-side programming languages for websites.https:\/\/w3techs.com\/technologies\/history_overview\/client_side_language\/all  W3Techs.2015. Historical trends in the usage statistics of client-side programming languages for websites.https:\/\/w3techs.com\/technologies\/history_overview\/client_side_language\/all","key":"e_1_3_2_1_65_1"},{"doi-asserted-by":"crossref","unstructured":"Takuya Watanabe Eitaro Shioji Mitsuaki Akiyama and Tatsuya Mori. 2020. Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites.. In NDSS.  Takuya Watanabe Eitaro Shioji Mitsuaki Akiyama and Tatsuya Mori. 2020. Melting Pot of Origins: Compromising the Intermediary Web Services that Rehost Websites.. In NDSS.","key":"e_1_3_2_1_66_1","DOI":"10.14722\/ndss.2020.24140"},{"unstructured":"web. dev.2022. What are Progressive Web Apps?https:\/\/web.dev\/i18n\/en\/what-are-pwas\/  web. dev.2022. What are Progressive Web Apps?https:\/\/web.dev\/i18n\/en\/what-are-pwas\/","key":"e_1_3_2_1_67_1"},{"unstructured":"Jason Wise. 2022. Gambling Statistics 2022: How Many People Gamble?https:\/\/earthweb.com\/gambling-statistics\/  Jason Wise. 2022. Gambling Statistics 2022: How Many People Gamble?https:\/\/earthweb.com\/gambling-statistics\/","key":"e_1_3_2_1_68_1"},{"unstructured":"[\n  69\n  ]  Service worker scanner. 2000. https:\/\/u.tamu.edu\/sw-scanner  [69] Service worker scanner. 2000. https:\/\/u.tamu.edu\/sw-scanner","key":"e_1_3_2_1_69_1"}],"event":{"sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"acronym":"ASIA CCS '23","name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia"},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590342","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:16Z","timestamp":1750183696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590342"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":69,"alternative-id":["10.1145\/3579856.3590342","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3590342","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}