PEGASUS: Powerful, Expressive, Graphical Analyzer for the Single-Use Server

In recent years, the codebases used for web development have grown due to the widespread use of content management systems such as WordPress. However, the debugging tools and infrastructure available to web developers have not yet grown to match that new size. This lack of tooling can lead to extended downtime: once a problem has been detected, developers go through hundreds of files of code to find the bug, often with insufficient logging. In this paper, we seek to determine how precisely we can identify the location of a bug using the Single-use Server logging infrastructure, and how well we can communicate that location to the user. To answer this question, we designed and implemented a debugging tool for web applications named PEGASUS, which stands for Powerful, Expressive, Graphical Analyzer for the Single-Use Server. PEGASUS assists in the debugging process using information provided by the Single-use Server project, including proxy information, a full PHP call stack, and a resource guard to prevent confused deputy attacks. PEGASUS was built using a Node server, D3.js visualizations, and a Vue.js webapp that hosts an interactive frontend. During testing, the debugger narrowed the code location of a known vulnerability to just 5% of the lines in the files run by the webapp. PEGASUS also outperformed the normal debugging process in both time and simplicity, resulting in a faster and more user-friendly debugging experience.

Identifier
  • etd-22881
Year
  • 2021
Date created
  • 2021-05-06
Last modified
  • 2023-09-20

Permanent link to this page: https://digital.wpi.edu/show/cj82kb12c