{"id":"W4385952926","doi":"10.1007/s10664-023-10323-w","title":"XSnare: application-specific client-side cross-site scripting protection","year":2023,"lang":"en","type":"article","venue":"Empirical Software Engineering","topic":"Web Application Security Vulnerabilities","field":"Computer Science","cited_by":1,"is_retracted":false,"has_abstract":false,"ca_institutions":"University of British Columbia","funders":"","keywords":"Cross-site scripting; Exploit; Computer science; Scripting language; Client-side; Context (archaeology); Computer security; Overhead (engineering); World Wide Web; Database; Web page; Web application security; Operating system; Web development","routes":{"ca_aff":true,"ca_fund":false,"ca_venue":false,"about_ca":false,"invisible_to_affiliation_only":false},"retraction":null,"screen":null,"direct_labels":[],"prediction":{"model_version":"codex-gemma-dda1882f352a","candidate_categories":["metaepi_narrow","insufficient_payload"],"consensus_categories":[],"category_scores_codex":[0.0005275284,0.0002263273,0.0002004804,0.0002403735,0.0002734866,0.0003692375,0.0006971466,0.0001298679,0.00001287326],"category_scores_gemma":[0.0004027002,0.000246525,0.0001023667,0.001862308,0.00004273904,0.0005743318,0.0003624032,0.0003675989,0.001148725],"about_ca_system_candidate":false,"about_ca_system_consensus":false,"about_ca_system_score_codex":0.0001814152,"about_ca_system_score_gemma":0.00003404374,"about_ca_topic_candidate":false,"about_ca_topic_consensus":false,"about_ca_topic_score_codex":0.0000184921,"about_ca_topic_score_gemma":0.000001595516,"domain_scores_codex":[0.9978529,0.00003453683,0.000428118,0.0007108441,0.0004636087,0.0005100585],"domain_scores_gemma":[0.9984777,0.0003038912,0.0000861619,0.0008244293,0.0001382113,0.0001696253],"domain_codex":null,"domain_gemma":null,"domain_candidate":null,"domain_consensus":null,"study_design_codex":"simulation_or_modeling","study_design_gemma":"not_applicable","study_design_scores_codex":[0.00003568598,0.000394889,0.3032826,0.0008419884,0.0001230147,0.00006544213,0.01246488,0.3715861,0.03701866,0.05757759,0.02113761,0.1954716],"study_design_scores_gemma":[0.0004235015,0.00004903231,0.2403752,0.00004542941,0.000003754348,0.00002610581,0.00003351937,0.3001374,0.004600766,0.002261626,0.4512612,0.000782523],"study_design_candidate":"simulation_or_modeling","study_design_consensus":null,"genre_codex":"methods","genre_gemma":"empirical","genre_scores_codex":[0.1914881,0.00008918803,0.8032235,0.0006845313,0.0003282131,0.0003958833,0.000005382577,0.00373651,0.00004874699],"genre_scores_gemma":[0.953398,0.00001245809,0.04485638,0.0002058554,0.0003949932,0.0007945431,0.00003029684,0.00005357246,0.0002539323],"genre_candidate":"empirical","genre_consensus":null,"teacher_disagreement_score":0.7619099,"threshold_uncertainty_score":0.9999987,"prediction_status":"machine_predicted_unvalidated"},"machine_scores":{"provisional":true,"baseline":true,"maturity_gate_passed":false,"score_opus":0.03303138290703469,"score_gpt":0.2844141654592613,"score_spread":0.2513827825522266,"validation_status":"score_only:v0-immature-baseline","note":"Baseline scores from an immature model (maturity gate not passed). Scores rank; they never assert a category."}}