javascript: Add support for document.defaultView in global variable references

Updated the data flow analysis to include `document.defaultView` as a source node for global variable references. Added a new test file `tst4.js` and updated existing tests to verify the inclusion of `defaultView` and its properties in the expected results.

javascript/ql/lib/semmle/javascript/dataflow/Nodes.qll

@@ -383,6 +383,9 @@ DataFlow::SourceNode globalObjectRef() {
   // DOM
   result = globalVariable("window")
   or
+  // DOM alias via `document.defaultView`
+  result = globalVariable("document").getAPropertyReference("defaultView")
+  or
   // Node.js
   result = globalVariable("global")
   or

javascript/ql/test/library-tests/Nodes/globalVarRef.expected

@@ -1,15 +1,19 @@
 | Object | tst2.js:8:1:8:13 | global.Object |
 | String | tst2.js:9:1:9:11 | this.String |
 | document | tst2.js:2:1:2:26 | require ... ument") |
+| document | tst4.js:1:1:1:26 | require ... ument") |
 | document | tst.js:3:1:3:15 | window.document |
 | document | tst.js:5:1:5:13 | self.document |
 | document | tst.js:6:1:6:19 | globalThis.document |
+| document | tst.js:7:1:7:8 | document |
 | foo | tst3.js:4:1:4:5 | w.foo |
 | global | tst2.js:7:1:7:6 | global |
 | global | tst2.js:8:1:8:6 | global |
 | globalThis | tst.js:6:1:6:10 | globalThis |
 | goog | tst3.js:1:1:1:4 | goog |
 | goog | tst3.js:3:9:3:12 | goog |
+| history | tst4.js:1:1:1:46 | require ... history |
+| history | tst.js:7:1:7:28 | documen ... history |
 | self | tst.js:5:1:5:4 | self |
 | setTimeout | tst2.js:5:1:5:12 | g.setTimeout |
 | window | tst2.js:3:1:3:24 | require ... indow") |

javascript/ql/test/library-tests/Nodes/tst.js

@@ -4,3 +4,4 @@ window.document;
 window.window.document;
 self.document;
 globalThis.document;
+document.defaultView.history;

javascript/ql/test/library-tests/Nodes/tst4.js

@@ -0,0 +1 @@
+require("global/document").defaultView.history;