This summer, we’re starting more projects with Doctor JS. With the help of Dimitris and our intern Rezwana Karim, we’re investigating event listener registration patterns in Firefox addons to test for compatibility issues with Electrolysis. Another intern, Vineeth Kashyap, is modifying Doctor JS to do static taint tracking as a way of doing security analyses for leaking chrome-privilege data into content-privilege code.
I’d like Doctor JS to get to a point where it’s more scriptable—a “semantic grep” tool like Dehydra. I’m sure we’ll crib some notes from Taras’s work. But for a first step we’re just going to adapt the tool as needed to the specific applications we’re using it for. Hopefully this will give us a better feel for how to generalize it down the road to be more user-extensible.