Provides a taint-tracking configuration for reasoning about DOM-based cross-site scripting vulnerabilities.
A taint-tracking configuration for reasoning about XSS. Both ordinary HTML sinks, URL sinks, and JQuery selector based sinks. - HTML sinks are sinks for any tainted value - URL sinks are only sinks when the scheme is user controlled - JQuery selector sinks are sinks when the tainted value can start with
A sink that is not a URL write or a JQuery selector, assumed to be a value that is interpreted as HTML.