Keywords: application vulnerabilities; emerging defenses; second line of defense; script injection vulnerabilities; security
Abstract: Computer users trust web applications to protect their financial transactions and online identities from attacks by cyber criminals. However, web applications today are riddled with security flaws which can compromise the security of their web sessions. In this thesis, we address the problem of automatically finding and preventing script injection vulnerabilities, one of the most prominent classes of web application vulnerabilities at present. Specifically, this thesis makes three contributions towards addressing script injection vulnerabilities. First, we propose two techniques that together automatically uncover script injection vulnerabilities in client-side JavaScript components of web applications without raising false positives. Second, we empirically study the use of sanitization, which is the predominant defense technique to prevent these attacks today. We expose two new classes of errors in the practical use of sanitization in shipping web applications and demonstrate weaknesses of emerging defenses employed in widely used web application frameworks. Third, we propose a type-based approach to automatically perform correct sanitization for applications authored in emerging web application frameworks. Finally, we propose a conceptual framework for a sanitization-free defense against script injection vulnerabilities, which can form a robust second line of defense.
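The abstract describes sanitization as the predominant defense against script injection and notes that it is easy to apply incorrectly. The following JavaScript is an added illustration, not code from the thesis or from any framework it studies: it pairs each output context of an HTML template with its own encoder and includes a check that flags when an encoder leaves characters unescaped that are meaningful in the context it was applied to. The function names (`sanitizeFor`, `unescapedChars`), the `MUST_ESCAPE` table and the three context names are assumptions made for this example.

```javascript
// Added example: context-sensitive sanitization with a mismatch check.
// Each place where untrusted data lands in a page (HTML text, a quoted
// attribute, a JavaScript string literal) has its own set of significant
// characters, so each needs its own encoder.

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encoder for HTML body text and for quoted HTML attribute values.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);
}

// Encoder for data placed inside a quoted JavaScript string literal within a
// <script> element. Everything outside a small safe set becomes a \xHH or
// \uHHHH escape, which the JS parser decodes but which can neither close the
// string literal nor end the enclosing script element.
function escapeJsString(s) {
  return String(s).replace(/[^A-Za-z0-9 ,.\-_]/g, (c) => {
    const code = c.charCodeAt(0);
    return code < 0x100
      ? '\\x' + code.toString(16).padStart(2, '0')
      : '\\u' + code.toString(16).padStart(4, '0');
  });
}

// Hypothetical context names used by this example's template layer.
const SANITIZERS = {
  htmlText: escapeHtml,
  htmlAttr: escapeHtml,
  jsString: escapeJsString,
};

// Apply the encoder selected by the output context, never a default one.
function sanitizeFor(context, value) {
  const encoder = SANITIZERS[context];
  if (!encoder) throw new Error('unknown output context: ' + context);
  return encoder(value);
}

// Characters an encoder must neutralize for each context (constructed table).
const MUST_ESCAPE = {
  htmlText: ['<', '>', '&'],
  htmlAttr: ['"', "'", '<', '&'],
  jsString: ['\\', '"', "'", '<', '\n'],
};

// Audit helper: which of the context's significant characters pass through
// the given encoder unchanged? A non-empty result means the encoder does not
// fit the context (for example, an HTML escaper used for a JS string, which
// leaves backslash and newline untouched).
function unescapedChars(context, encoder) {
  return MUST_ESCAPE[context].filter((c) => encoder(c) === c);
}

// Stand-alone run: show the mismatch the audit helper is meant to catch.
console.log('htmlText with escapeHtml     ->', unescapedChars('htmlText', escapeHtml));
console.log('jsString with escapeHtml     ->', unescapedChars('jsString', escapeHtml));
console.log('jsString with escapeJsString ->', unescapedChars('jsString', escapeJsString));
```

The audit helper is the useful part for a reviewer: run it over every (context, encoder) pairing a template engine actually emits, and any non-empty result points at a hole whose sanitizer does not match its output context.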