For a detailed explanation of the taint flow between sources and sinks, please refer to the DOM-based vulnerabilities page. How to test for DOM-based cross-site scripting The majority of DOM XSS ...