8 Henry, G. Typer la sérialisation sans sérialiser les typesUniversité Paris Diderot - Paris 7 2011.
 15 Serrano, M. and Queinnec, C. HTML5 Video portable avec Hophttp://www.programmez.comGnu Linux Magazine France129Jan 2010.
 5 Canou, B. Programmation Web TypéeUniversité Pierre et Marie Curie (UPMC - Paris 6)Oct 2011.
 12 Serrano, M. HopTeX - Compiling HTML to LaTeX with CSShttp://www.inria.fr/mimosa/Manuel.Serrano/publi/serrano-scheme11a.pdfProceedings of the Scheme'11 workshopPortland, USAOct 2011.
 9 Luo, Z. and Rezk, T. and Serrano, M. Automated Code Injection Prevention for Web ApplicationsProceedings of the first Conference on Theory of Security and Applications (TOSCA'11)Lecture Notes on Computer Science6993Saarbrücken, GermanyApr 2011186--204.
 14 Serrano, M. and Queinnec, C. A multi-tier semantics for HopHigher Order and Symbolic Computation 2010.
 3 Boudol, G. et al.Towards Reasoning for Web Applications: an Operational Semantics for HopProceedings of the first Workshop on Analysis and Programming Languages for Web Applications and Cloud ApplicationsToronto, CanadaJun 2010.
 11 Serrano, M. HSS: a Compiler for Cascading Style Sheets10th ACM Sigplan Int'l Conference on Principles and Practice of Declarative Programming (PPDP)Jul 2010.
 10 Serpette, B. and Serrano, M. An Interpreter for Server-Side Hophttp://www.inria.fr/mimosa/Manuel.Serrano/publi/ss-dls11.pdfProceedings of the DLS'11 symposiumPortland, USAOct 2011.
 2 Berry, G. and Nicolas, C. and Serrano, M. HipHop: A Synchronous Reactive Extension for Hophttp://plastic.host.adobe.com/plastic2.pdfProceedings of the PLASTIC'11 workshopPortland, USAOct 2011.
 1 Balat, V. and Chambart, P. and Henry, G. Client-server Web applications with Ocsigenhttp://hal.archives-ouvertes.fr/hal-00691710WWW2012 dev track proceedingsLyon, FranceApr 201259.
 6 Canou, B. and Chailloux, E. and Vouillon, J. How to Run your Favorite Language in Web Browsershttp://hal.archives-ouvertes.fr/hal-00694031WWW2012 dev track proceedingsLyon, FranceApr 2012-.
 7 Chailloux, E. and Serpette, P. B. Séparation des couleurs dans un lambda-calcul bichromehttp://hal.inria.fr/hal-00665958JFLA - Journées Francophones des Langages Applicatifs - 2012Carnac, FranceFeb 2012.
 4 Boudol, G. et al.Reasoning about Web Applications: An Operational Semantics for HOPhttp://www.inria.fr/mimosa/Manuel.Serrano/publi/blrs-toplas12.pdfACM Transactions on Programming Languages and Systems (TOPLAS)342New York, NY, USA 2012.
 13 Serrano, M. and Berry, G. Multitier Programming in Hop - A first step toward programming 21st-century applicationshttp://cacm.acm.org/magazines/2012/8/153796-multitier-programming-in-hop/abstractCommunications of the ACM558Aug 201253--59.
PWD
Programming the Diffuse Web
(Programmation du Web Diffus)
ANR-09-EMER-009-01

The goal of the PWD project is to propose new programming languages for developing new applications on the Web. The HOP programming language, that is developed at INRIA Sophia-Antipolis, and the Eliom framework of the Ocsigen project, developed at PPS, will serve as a basis for these studies. Some of the proposed tasks will consist in studying unexplored aspects of these languages such as the formal semantics of the HOP programming language or its constructions for dealing with security. Some tasks will consist in extending them with new facilities (such as the dynamic services discovery). Others tasks will consist in improving and optimizing their implementations. The last task consisting in developing innovative Web applications will aim at validating the design and implementation of our languages. More generally it will also be aimed at validating the overall design enforced by this new family of languages.

# 1Team

• INRIA
• Manuel Serrano (Manuel.Serrano@inria.fr)
• Gerard Boudol (Gerard.Boudol@inria.fr)
• Florian Loitsch (Florian.Loitsch@inria.fr)
• Bernard Serpette (Bernard.Serpette@inria.fr)
• Cyprien Nicolas (Cyprien.Nicolas@inria.fr)
• LIP6
• Christian Queinnec (Christian.Queinnec@lip6.fr)
• Emmanuel Chailloux (Emmanuel.Chailloux@lip6.fr)
• Benjamin Canou (Benjamin.Canou@lip6.fr)
• PPS
• VIncent Balat (vincent.balat@pps.jussieu.fr)
• Jérôme Vouillon (vouillon@pps.jussieu.fr)

# 2Software

We develop new software programs for the Web. They are available online on the dedicated web sites:

## 21Software releases

Since the beginning of the ANR PWD project, several versions of HOP, Ocsigen, and Obrowser have been publicly released. The main releases have been:

1. hop-1.11.0 released September 2009.
2. ocsigen-1.2.1 released September 2009.
3. ocsigen-1.3.1 released April 2010.
4. hop-2.0.0 released May 2010.
5. hop-2.1.0 released August 2010.
6. hop-2.2.0 released January 2011.
7. obrowser-1.1.1 released April 2011.
8. hop-2.3.0 released May 2012.
9. hop-2.3.1 released June 2012.

The new major release hop-2.4.0 is planned for October 2012.

# 4New results

## 41Multitier Programming in Hop - A first step toward programming 21st-century applications

The Web is becoming the richest platform on which to create computer applications. Its power comes from three elements: modern Web browsers enable highly sophisticated graphical user interfaces (GUIs) with 3D, multimedia, fancy typesetting, among others; calling existing services through Web APIs makes it possible to develop sophisticated applications from independently available components; and open-data availability allows access a wide set of information that was unreachable or that simply did not exist before. The combination of these three elements has already given birth to revolutionary applications such as GoogleMaps, radio podcasts, and social networks.

The next step is likely to be incorporating the physical environment into the Web. Recent electronic devices are equipped with various sensors (GPS, cameras, microphones, metal detectors, speech commands, thermometers, motion detection, and so on) and communication means (IP stack, telephony, SMS, Bluetooth), which enable applications to interact with the real world. Web browsers integrate these features one after the other, making the Web runtime environment richer every day. The future is appealing, but one difficulty remains: current programming methods and languages are not ideally suited for implementing rich Web applications. This is not surprising as most have been invented in the 20th century, before the Web became what it is now.

Traditional programming languages have trouble dealing with the asymmetric client-server architecture of Web applications. Ensuring the semantic coherence of distributed client-server execution is challenging, and traditional languages have no transparent support for physical distribution. Thus, programmers need to master a complex gymnastics for handling distributed applications, most often using different languages for clients and servers. JavaScript is the dominant Web language but was conceived as a browser only client language. Servers are usually programmed with quite different languages such as Java, PHP, Ruby, etc. Recent experiments such as Node.js propose using JavaScript on the server, which makes the development more coherent; however, harmonious composition of independent components is still not ensured.

In 2006, three different projects namely, GWT from Google, Links from the University of Edinburgh, and HOP from INRIA, offered alternative methods for programming Web applications. They all proposed that a Web application should be programmed as a single code for the server and client, written in a single unified language. This principle is known as multitier programming.

Links is an experimental languages in which the server holds no state and functions can be symmetrically called from both sides, allowing them to be declared on either the server or the client. These features are definitely interesting for exploring new programming ideas, but they are difficult to implement efficiently, making the platform difficult to use for realistic applications.

GWT is more pragmatic. It maps traditional Java programming into the Web. A GWT program looks like a traditional Java/Swing program compiled to Java bytecode for the server side and to JavaScript for the client side. Java cannot be considered as the unique language of GWT, however. Calling external APIs relies on Javascipt inclusion in Java extensions. GUIs are based on static components declared in external HTML files and on dynamic parts generated by the client-side execution. Thus, at least Java, Javascript, and HTML are directly involved.

The HOP language, presented in 13, takes another path relying on a different idea: incorporating all the required Web-related features into a single language with a single homogeneous development and execution platform, thus uniformly covering all the aspects of a Web application: client-side, server-side, communication, and access to third-party resources. HOP embodies and generalizes both HTML and JavaScript functionalities in a Scheme-based platform that also provides the user with a fully general algorithmic language. Web services and APIs can be used as easily as standard library functions, whether on the server side or client side.

## 42Reasoning about Web Applications: An Operational Semantics for HOP

In the article 4 we have proposed a small-step operational semantics to support reasoning about Web applications written in the multitier language HOP. This semantics covers both server side and client side computations, as well as their interactions, and includes creation of Web services, distributed client-server communications, concurrent evaluation of service requests at server side, elaboration of HTML documents, DOM operations, evaluation of script nodes in HTML documents and actions from HTML pages at client side. We also model the browser same origin policy (SOP) in the semantics. We propose a safety property by which programs do not get stuck due to a violation of the SOP and a type system to enforce it.

## 43Séparation des couleurs dans un lambda-calcul bichrome

Dans cet article 7 nous introduisons un $\lambda$-calcul bichrome pour expliciter une partie de l'évaluation d'un terme en précisant la localité du calcul1. L'intérêt est alors de pouvoir définir une transformation, par $\beta$-expansion, qui regroupe les expressions de même couleur. Les propriétés de correction, de terminaison et de confluence de cette transformation sont démontrées 'a l'aide de l'assistant de preuves Coq. Cette transformation est indépendante de la sémantique de communication et de synchronisation de l'application. On s'intéresse alors aux applications utilisant deux unités de calcul comme les couples client-serveur de la programmation Web. Nous abordons le passage à un $\lambda$-calcul à plus de deux couleurs et montrons les difficultés que cela engendre.

## 44How to Run your Favorite Language in Web Browser

This paper 6 is a concise guide for developers who want to port an existing language to Web browsers, about what to do and what not to. It is based on the various experiments that have been led in the OCaml language community. In particular, it exhibits how reusing the underlying virtual machine and bytecode associated to the language can come of great help in this task.

## 45Client-server Web Applications with Ocsigen

The Ocsigen framework offers a new way to develop sophisticated client-server Web applications. It makes it possible to write as a single program both the server and client sides of a Web application, thus simplifying a lot communications and data transfers, and avoiding code duplications. It also proposes a wide set of high level concepts to program traditional Web interactions in a very concise way while mixing them seamlessly with client side features. The use of a powerful type system improves a lot the reliability of programs, reducing debugging time, and making the code easier to maintain. See 1.

## 46HipHop: A Synchronous Reactive Extension for Hop

HOP is a SCHEME-based language and system to build rich multi-tier web applications. We present HIPHOP, a new language layer within HOP dedicated to request and event orchestration 2. HIPHOP follows the synchronous reactive model of the Esterel and ReactiveC languages, originally developed for embedded systems programming. It is based on synchronous concurrency and preemption primitives, which are known to be key components for the modular design of complex temporal behaviors. Although the language is concurrent, the generated code is purely sequential and thread-free; HIPHOP is translated to HOP for the server side and to straight JavaScript for the client side. With a music playing example, we show how to modularly buid non-trivial orchestration code with HIPHOP.

## 47An Interpreter for Server-Side Hop

HOP is a Scheme-based multi-tier programming language for the Web. The client-side of a program is compiled to JavaScript, while the server-side is executed by a mix of natively compiled code and interpreted code. At the time where HOP programs were basic scripts, the performance of the server-side interpreter was not a concern; an inefficient interpreter was acceptable. As HOP expanded, HOP programs got larger and more complex. A more efficient interpreter was necessary. This new interpreter is described in 10. It is compact, its whole implementation counting no more than 2.5 KLOC. It is more than twice faster than the old interpreter and consumes less than a third of its memory. Although it cannot compete with static or JIT native compilers, our experimental results show that it is amongst the fastest interpreters for dynamic languages.

## 48Hss: a Compiler for Cascading Style Sheets

The article 11 presents HSS, a compiler for CSS. It is first argued that generating CSS improves portability and maintainability of CSS files. This claim is supported by realistic examples. Then, the HSS compilation algorithm is presented. It is simple enough to be easily adapted to most web development kits.

HSS can be used as a stand-alone HSS-to-CSS compiler in the goal of enriching CSS with user defined variables, functions, and element types. It can also be used with the Hop web development kit in which case, working hand in hand with the Hop programming language, it can be used to implement skinning or theming of web applications.

## 49Towards Reasoning for Web Applications: An Operational Semantics for Hop

We propose 3 a small-step operational semantics to support reasoning about web applications written in the multi-tier language HOP. The semantics covers both server side and client side computations, as well as their interactions, and includes creation of web services, distributed client-server communications, concurrent evaluation of service requests at server side, elaboration of HTML documents, DOM operations, evaluation of script nodes in HTML documents and actions from HTML pages at client side.

## 410A multi-tier semantics for Hop

Hop is a multi-tier programming language where the behavior of interacting servers and clients are expressed by a single program. Hop adheres to the standard web programming style where servers elaborate HTML pages containing JavaScript code. This JavaScript code responds locally to user's interactions but also (following the so-called Ajax style) requests services from remote servers. These services bring back new HTML fragments containing additional JavaScript code replacing or modifying the state of the client.

The paper 14 presents a continuation-based denotational semantics for a sequential subset of Hop. Though restricted to a single server and a single client, this semantics takes into account the key feature of Hop namely that the server elaborates client code to be run in the client's browser. This new client-code dynamically requests services from the server which, again, elaborate new client code to be run in the client's browser.

This semantics details the programming model advocated by Hop and provides a sound basis for future studies such as security of web applications and web continuations.

## 411Automated Code Injection Prevention for Web Applications

We study common security problems related to integrity violations in web applications. We are interested in providing formal bases to prove that web applications's (and more generally generated mashups's)

- trusted components will be code injection free at run-time - untrusted components's influence to trusted components is limited to a set of given authorized resources.

We investigate formalization of these properties by means of web applications abstract semantics and discuss correct implementations to enforce them. We have incorporated the proposed enforcement mechanisms as additional modular compilation stages in HOP, a full-fledged multi-tier language to write web applications. This work is presented in 9.

## 412HopTeX - Compiling HTML to LaTeX with CSS

The article 12 presents HopTeX, a new application for authoring Html and LaTeX documents. The content of the document can is either be expressed in Html or in a blending of Html and a dedicated wiki syntax, for the sake of conciseness and readability. The rendering of the document is expressed by a set of CSS rules. The main originality of HopTeX is to consider LaTeX as a new media type for Html and to express the compilation from Html to LaTeX by the means of dedicated style sheet rules.

HopTeX can then be used to generate high quality documents for both paper printed version and electronic version. The online version of this paper is available at the HopTeX web page. It can be read using a regular Web browser or using Smartphone browsers.

HopTeX is implemented in HOP, a multi-tier programming language for the Web 2.0. This implementation extensively relies on two facilities generally only available on the client-side that HOP also supports on the server-side of the application: DOM manipulations and CSS server-side resolutions.

## 413Type-safe document manipulations

As part of Benjamin Canou's thesis 5, we proposed a high level and type-safe API for document manipulations. The goal was to be safer and more high-level than the browser's DOM. In particular, we aimed at eliminating the implicit moves performed by the DOM to maintain the tree structure which limit the possibilities of static typing.

First, we gave a minimal formal model similar to the DOM. Upon this first model, we built an alternative document API in which moves are replaced by implicit deep copy operations.

To prove the validity of our approach, we designed on top of this document API a language based on ML equiped with document manipulation features, that are well typed thanks to the use of our alternative document model.

An implementation of the language is ongoing, and scientific publications are to be submitted soon.

## 414Rethinking Web interaction

Paper submitted.

Web sites are evolving into ever more complex distributed applications. But current Web programming tools are not fully adapted to this evolution, and force programmers to worry about too many inessential details. We want to define an alternative programming style better fitted to that kind of applications. To do that, we propose an analysis of Web interaction in order to break it down into very elementary notions, based on semantic criteria instead of technological ones. This allows defining a common vernacular language to describe the concepts of current Web programming tools, but also some other new concepts. We use this to define a new service identification mechanism.

This results in a significant gain of expressiveness. The understanding and separation of these notions also makes it possible to get strong static guarantees, that can help a lot during the development of complex applications, for example by making impossible the creation of broken links. Most of the ideas we propose have been implemented in the Ocsigen Web programming framework. We give a quick outline of that implementation.

## 415From Bytecode to Javascript: the Js_of_ocaml Compiler

Paper submitted.

We present the design and implementation of a compiler from OCaml bytecode to Javascript. We believe that taking bytecode as input instead of a high-level language is a sensible choice. Virtual machines provide a very stable API. Such a compiler is thus easy to maintain. It is also convenient to use: it can just be added to an existing installation of the development tools. Already compiled libraries can be used directly, with no need to reinstall anything. Finally, some virtual machines are the target of several languages. A bytecode to Javascript compiler would make it possible to retarget all these languages to Web browsers at once.

# 5Dissemination

1. M. Serrano and C. Queinnec published a tutorial about Hop in the French magazine Gnu Linux France 15.
2. M. Serrano gave a presentation about Hop at the Collège de France in February 2010. The video is available at http://www.college-de-france.fr.
3. M. Serrano gave a talk about Diffuse Systems in the Seven Keys to the Digital Future seminar at the Royal Society of Edinburgh. See http://idea.ed.ac.uk/future.
4. M. Serrano gave a presentation of diffuse computing colloqium given in the honor of Jean-Jacques Levy and Gérard Berry. See http://www.lri.fr/~conchon/gerardmer.
5. M. Serrano gave a presentation of Hop at the Microsoft Software Summit that took place in Paris in April 2011. See http://research.microsoft.com/en-us/um/cambridge/events/ss2011.

# 6Meetings

## 61Kick off meeting (21 Jan 2010, Paris)

The kick off meeting took place at the University Pierre et Marie Curie.

### 611Participants

• PPS: Vincent Balat, Jérôme Vouillon
• LIP6: Christian Queinnec, Benjamin Canou
• INRIA: Manuel Serrano
• Invités: Frédéric Boussinot (INRIA)

### 612Introduction

• PPS: new interaction models for the web 2.0.
• Ocsigen will be multi-tier in 1 months (Ocsigen 2.0)
• Current release 1.3.0 (OcsigenServer + Elium + Oxymore)
• LIP6 + PPS:
• O'Browser 1.1
• environment: typed DOM and semantics of the DOM.
• LIP6 + INRIA:
• Denotational semantics for Hop
• Semantics of the client-side code generation
• INRIA:
• Hop ported to Maemo
• Integrate security policies in the client-code generator

### 613Talks and demonstrations

• Frédéric Boussinot has presented FunLoft (cooperation + asynchronous programming).
• Benjamin Canou gave a demonstration of O'Browser (client-side games using the HTML5 Canvas). Performance evaluation: about 10 times slower than JavaScript.
• Jérôme Vouillon gave a talk about the Lightweight Threads in OCaml

## 62Second plenary meeting (17 sep 2010, Paris)

### 621Participants

• PPS: Vincent Balat, Jérôme Vouillon
• LIP6: Christian Queinnec, Emmanuel Chailloux, Benjamin Canou, Gégoire Henry
• INRIA: Manuel Serrano

### 622Talks and demonstrations

• Manuel Serrano gave a talk about HSS, a compiler for CSS and a short demonstration of HopTeX, a HOP to TeX compiler.
• Grégoire Henry gave a talk on Safe serialization in OCaml 8.
• Vincent Balat presented a survey of server-side programming with Eliom.

## 63Third plenary meeting (22 jun 2011, Paris)

### 631Participants

• PPS: Vincent Balat, Jérôme Vouillon, Mikael Laporte (Master student M1) Pierre Chambart (post doc)
• LIP6: Emmanuel Chailloux, Jeremy Salvucci (Master student), Benjamin Canou (PhD), Christian Queinnec (excused)
• INRIA: Manuel Serrano

### 632Talks and demonstrations

• Manuel Serrano gave a survey on programming with Hop.
• Jérôme Vouillon gave a presentation of js_of_ocaml, a Ocaml bytecode to JS compiler.
• Benjamin Canou gave a survey on multi-tiers programming languages.

## 64Fourth plenary meeting (20 jun 2012, Paris)

### 641Participants

• PPS: Vincent Balat, Jérôme Vouillon, Severine Maingaud Pierre Chambart (post doc)
• LIP6: Emmanuel Chailloux, Benjamin Canou (PhD), Christian Queinnec
• INRIA: Manuel Serrano

### 642Talks and demonstrations

• Manuel Serrano gave a short presentation of HipHop
• Vincent Balat presented how to program graphical user interfaces with Arrows in Ocsigen. compiler.

### 643Achievements

We have listed and resumed the state of each deliverable:

• 1.1: completed.
• 1.2: completed.
• 1.3: completed.
• 1.4: completed.
• 1.5: M2 internship on Ocsigen on Rails but task is no longer considered prominent for PWD.
• 1.6: mainly completed with the PhD of B. Canou. However, the subject is still rich enough to require extra explorations. Hence, we extend that task to T+48.
• 2.1: completed.
• 2.2: completed.
• 2.3: subsumed by task 2.1.
• 3.1: completed.
• 3.2: completed.
• 3.3: completed.
• 3.4: prototyped with an Eclipse plugin but this is a minor contribution of PWD.
• 3.5: under investigation (arrows in Ocsigen and HipHop in Hop)
• 4.1: completed.
• 4.2: shifted to robotics.
• 4.3: to do.

# 7References

 1 Balat, V. and Chambart, P. and Henry, G. Client-server Web applications with Ocsigenhttp://hal.archives-ouvertes.fr/hal-00691710WWW2012 dev track proceedingsLyon, FranceApr 201259.
 2 Berry, G. and Nicolas, C. and Serrano, M. HipHop: A Synchronous Reactive Extension for Hophttp://plastic.host.adobe.com/plastic2.pdfProceedings of the PLASTIC'11 workshopPortland, USAOct 2011.
 3 Boudol, G. et al.Towards Reasoning for Web Applications: an Operational Semantics for HopProceedings of the first Workshop on Analysis and Programming Languages for Web Applications and Cloud ApplicationsToronto, CanadaJun 2010.
 4 Boudol, G. et al.Reasoning about Web Applications: An Operational Semantics for HOPhttp://www.inria.fr/mimosa/Manuel.Serrano/publi/blrs-toplas12.pdfACM Transactions on Programming Languages and Systems (TOPLAS)342New York, NY, USA 2012.
 5 Canou, B. Programmation Web TypéeUniversité Pierre et Marie Curie (UPMC - Paris 6)Oct 2011.
 6 Canou, B. and Chailloux, E. and Vouillon, J. How to Run your Favorite Language in Web Browsershttp://hal.archives-ouvertes.fr/hal-00694031WWW2012 dev track proceedingsLyon, FranceApr 2012-.
 7 Chailloux, E. and Serpette, P. B. Séparation des couleurs dans un lambda-calcul bichromehttp://hal.inria.fr/hal-00665958JFLA - Journées Francophones des Langages Applicatifs - 2012Carnac, FranceFeb 2012.
 8 Henry, G. Typer la sérialisation sans sérialiser les typesUniversité Paris Diderot - Paris 7 2011.
 9 Luo, Z. and Rezk, T. and Serrano, M. Automated Code Injection Prevention for Web ApplicationsProceedings of the first Conference on Theory of Security and Applications (TOSCA'11)Lecture Notes on Computer Science6993Saarbrücken, GermanyApr 2011186--204.
 10 Serpette, B. and Serrano, M. An Interpreter for Server-Side Hophttp://www.inria.fr/mimosa/Manuel.Serrano/publi/ss-dls11.pdfProceedings of the DLS'11 symposiumPortland, USAOct 2011.
 11 Serrano, M. HSS: a Compiler for Cascading Style Sheets10th ACM Sigplan Int'l Conference on Principles and Practice of Declarative Programming (PPDP)Jul 2010.
 12 Serrano, M. HopTeX - Compiling HTML to LaTeX with CSShttp://www.inria.fr/mimosa/Manuel.Serrano/publi/serrano-scheme11a.pdfProceedings of the Scheme'11 workshopPortland, USAOct 2011.
 13 Serrano, M. and Berry, G. Multitier Programming in Hop - A first step toward programming 21st-century applicationshttp://cacm.acm.org/magazines/2012/8/153796-multitier-programming-in-hop/abstractCommunications of the ACM558Aug 201253--59.
 14 Serrano, M. and Queinnec, C. A multi-tier semantics for HopHigher Order and Symbolic Computation 2010.
 15 Serrano, M. and Queinnec, C. HTML5 Video portable avec Hophttp://www.programmez.comGnu Linux Magazine France129Jan 2010.