diff --git a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
index 95c3f52c55e..ff87c07e74e 100644
--- a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
+++ b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
@@ -73,7 +73,8 @@ typeInferenceMismatch
 | nested-props.js:43:13:43:20 | source() | nested-props.js:44:10:44:18 | id(obj).x |
 | nested-props.js:67:31:67:38 | source() | nested-props.js:68:10:68:10 | x |
 | nested-props.js:77:36:77:43 | source() | nested-props.js:78:10:78:10 | x |
-| object-bypass-sanitizer.js:13:13:13:20 | source() | object-bypass-sanitizer.js:6:14:6:18 | x.foo |
+| object-bypass-sanitizer.js:23:13:23:20 | source() | object-bypass-sanitizer.js:12:14:12:18 | x.foo |
+| object-bypass-sanitizer.js:23:13:23:20 | source() | object-bypass-sanitizer.js:17:10:17:28 | sanitizer_id(x).foo |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:17:14:17:14 | x |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:20:14:20:14 | y |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:30:14:30:20 | x.value |
diff --git a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql
index 26c66a1b4fe..a96fbba18e4 100644
--- a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql
+++ b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.ql
@@ -33,6 +33,10 @@ class BasicConfig extends TaintTracking::Configuration {
 node instanceof UntaintableNode
 }
 
+ override predicate isSanitizer(DataFlow::Node node) {
+ node.(DataFlow::InvokeNode).getCalleeName().matches("sanitizer_%")
+ }
+
 override predicate isSanitizerGuard(TaintTracking::SanitizerGuardNode node) {
 node instanceof BasicSanitizerGuard
 }
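Review bot: In the new `isSanitizer` predicate the pattern given to `matches` treats `_` as a single-character wildcard (and `%` as any sequence), so `"sanitizer_%"` also accepts callee names such as `sanitizerXid`, not only names with the literal `sanitizer_` prefix. That is harmless for this fixture, but the predicate reads as a prefix check and may be copied as an example of a name-based barrier; escaping the underscore, `node.(DataFlow::InvokeNode).getCalleeName().matches("sanitizer\\_%")`, makes it mean what it says. A QLDoc line above the predicate would also help, e.g. `/** Calls to functions named sanitizer_* are taint barriers; property reads on the call result are not covered. */`, since BasicTaintTracking.expected in this commit still reports `sanitizer_id(x).foo`. The enclosing class `BasicConfig` starts and ends outside the hunk.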
diff --git a/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected b/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
index bcd301b5d53..4a51bb9aed2 100644
--- a/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
+++ b/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
@@ -47,6 +47,9 @@
 | nested-props.js:35:13:35:20 | source() | nested-props.js:36:10:36:20 | doLoad(obj) |
 | nested-props.js:43:13:43:20 | source() | nested-props.js:44:10:44:18 | id(obj).x |
 | nested-props.js:67:31:67:38 | source() | nested-props.js:68:10:68:10 | x |
+| object-bypass-sanitizer.js:21:7:21:14 | source() | object-bypass-sanitizer.js:15:10:15:24 | sanitizer_id(x) |
+| object-bypass-sanitizer.js:23:13:23:20 | source() | object-bypass-sanitizer.js:16:10:16:28 | sanitizer_id(x.foo) |
+| object-bypass-sanitizer.js:23:13:23:20 | source() | object-bypass-sanitizer.js:17:10:17:28 | sanitizer_id(x).foo |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:17:14:17:14 | x |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:20:14:20:14 | y |
 | partialCalls.js:4:17:4:24 | source() | partialCalls.js:30:14:30:20 | x.value |
diff --git a/javascript/ql/test/library-tests/TaintTracking/object-bypass-sanitizer.js b/javascript/ql/test/library-tests/TaintTracking/object-bypass-sanitizer.js
index 6f2d1a7de80..e9120e288c0 100644
--- a/javascript/ql/test/library-tests/TaintTracking/object-bypass-sanitizer.js
+++ b/javascript/ql/test/library-tests/TaintTracking/object-bypass-sanitizer.js
@@ -1,10 +1,20 @@
 import * as dummy from 'dummy';
 
+function sanitizer_id(x) {
+ if (really_complicated_reason(x))
+ return x;
+ return null;
+}
+
 function f(x) {
 if (isSafe(x)) {
 sink(x);
 sink(x.foo); // NOT OK
 }
+
+ sink(sanitizer_id(x)); // OK
+ sink(sanitizer_id(x.foo)); // OK
+ sink(sanitizer_id(x).foo); // NOT OK
 }
 
 function g() {
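Review bot: The `// OK` and `// NOT OK` markers on the three new `sink(sanitizer_id(...))` calls in `f` hold only for BasicTaintTracking, which treats `sanitizer_*` calls as barriers. DataFlowTracking.expected in this same commit lists all three calls as flows, so a reader checking the fixture against that file sees a mismatch. Naming the configuration and the reason on the last case would make the intent clear, e.g. `sink(sanitizer_id(x).foo); // NOT OK (taint config): the sanitizer vouches for x, not for the property read afterwards`. A comment above `sanitizer_id` such as `// the sanitizer_ prefix is what BasicTaintTracking.ql matches on` would make the coupling to the query visible. `g` begins on the hunk's last line and continues outside it.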