Relational Constraint Driven Test Case Synthesis for Web Applications

Xiang Fu
2010 Electronic Proceedings in Theoretical Computer Science  
This paper proposes a relational constraint driven technique that synthesizes test cases automatically for web applications. Using a static analysis, servlets can be modeled as relational transducers, which manipulate backend databases. We present a synthesis algorithm that generates a sequence of HTTP requests for simulating a user session. The algorithm relies on backward symbolic image computation for reaching a certain database state, given a code coverage objective. With a slight
more » ... , the technique can be used for discovering workflow attacks on web applications.
doi:10.4204/eptcs.35.4 fatcat:s73kuc4yxbf4va4aj5vfv6tpbe