diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.expected b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.expected
index 5718001b294..1690a98c234 100644
--- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/ConsistencyDomBasedXss.expected
@@ -1,5 +1,12 @@
 | query-tests/Security/CWE-079/DomBasedXss/express.js:6 | expected an alert, but found none | NOT OK |  |
 | query-tests/Security/CWE-079/DomBasedXss/jwt-server.js:10 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/react-use-context.js:10 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/react-use-context.js:16 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/tst3.js:4 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/tst3.js:5 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/tst3.js:7 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/tst3.js:9 | expected an alert, but found none | NOT OK |  |
+| query-tests/Security/CWE-079/DomBasedXss/tst3.js:10 | expected an alert, but found none | NOT OK |  |
 | query-tests/Security/CWE-079/DomBasedXss/tst.js:349 | expected an alert, but found none | NOT OK |  |
 | query-tests/Security/CWE-079/DomBasedXss/tst.js:356 | expected an alert, but found none | NOT OK. (this is a jQuery object) |  |
 | query-tests/Security/CWE-079/DomBasedXss/tst.js:360 | expected an alert, but found none | NOT OK. (this is a DOM-node); |  |
diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
index c0cb9956c4c..83a0a15ef53 100644
--- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/Xss.expected
@@ -203,12 +203,6 @@ nodes
 | react-native.js:8:18:8:24 | tainted |
 | react-native.js:9:27:9:33 | tainted |
 | react-native.js:9:27:9:33 | tainted |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
 | react-use-state.js:4:9:4:49 | state |
 | react-use-state.js:4:10:4:14 | state |
 | react-use-state.js:4:38:4:48 | window.name |
@@ -311,27 +305,6 @@ nodes
 | translate.js:7:42:7:60 | target.substring(1) |
 | translate.js:9:27:9:50 | searchP ... 'term') |
 | translate.js:9:27:9:50 | searchP ... 'term') |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) |
-| tst3.js:2:23:2:74 | decodeU ... str(1)) |
-| tst3.js:2:42:2:56 | window.location |
-| tst3.js:2:42:2:56 | window.location |
-| tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:73 | window. ... bstr(1) |
-| tst3.js:4:25:4:28 | data |
-| tst3.js:4:25:4:32 | data.src |
-| tst3.js:4:25:4:32 | data.src |
-| tst3.js:5:26:5:29 | data |
-| tst3.js:5:26:5:31 | data.p |
-| tst3.js:5:26:5:31 | data.p |
-| tst3.js:7:32:7:35 | data |
-| tst3.js:7:32:7:37 | data.p |
-| tst3.js:7:32:7:37 | data.p |
-| tst3.js:9:37:9:40 | data |
-| tst3.js:9:37:9:42 | data.p |
-| tst3.js:9:37:9:42 | data.p |
-| tst3.js:10:38:10:41 | data |
-| tst3.js:10:38:10:43 | data.p |
-| tst3.js:10:38:10:43 | data.p |
 | tst.js:2:7:2:39 | target |
 | tst.js:2:7:2:39 | target |
 | tst.js:2:16:2:32 | document.location |
@@ -847,8 +820,6 @@ edges
 | react-native.js:7:7:7:33 | tainted | react-native.js:9:27:9:33 | tainted |
 | react-native.js:7:17:7:33 | req.param("code") | react-native.js:7:7:7:33 | tainted |
 | react-native.js:7:17:7:33 | req.param("code") | react-native.js:7:7:7:33 | tainted |
-| react-use-context.js:10:22:10:32 | window.name | react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:16:26:16:36 | window.name | react-use-context.js:16:26:16:36 | window.name |
 | react-use-state.js:4:9:4:49 | state | react-use-state.js:5:51:5:55 | state |
 | react-use-state.js:4:9:4:49 | state | react-use-state.js:5:51:5:55 | state |
 | react-use-state.js:4:10:4:14 | state | react-use-state.js:4:9:4:49 | state |
@@ -935,26 +906,6 @@ edges
 | translate.js:7:42:7:47 | target | translate.js:7:42:7:60 | target.substring(1) |
 | translate.js:7:42:7:60 | target.substring(1) | translate.js:9:27:9:50 | searchP ... 'term') |
 | translate.js:7:42:7:60 | target.substring(1) | translate.js:9:27:9:50 | searchP ... 'term') |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:4:25:4:28 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:5:26:5:29 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:7:32:7:35 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:9:37:9:40 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:10:38:10:41 | data |
-| tst3.js:2:23:2:74 | decodeU ... str(1)) | tst3.js:2:12:2:75 | JSON.pa ... tr(1))) |
-| tst3.js:2:42:2:56 | window.location | tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:56 | window.location | tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:63 | window. ... .search | tst3.js:2:42:2:73 | window. ... bstr(1) |
-| tst3.js:2:42:2:73 | window. ... bstr(1) | tst3.js:2:23:2:74 | decodeU ... str(1)) |
-| tst3.js:4:25:4:28 | data | tst3.js:4:25:4:32 | data.src |
-| tst3.js:4:25:4:28 | data | tst3.js:4:25:4:32 | data.src |
-| tst3.js:5:26:5:29 | data | tst3.js:5:26:5:31 | data.p |
-| tst3.js:5:26:5:29 | data | tst3.js:5:26:5:31 | data.p |
-| tst3.js:7:32:7:35 | data | tst3.js:7:32:7:37 | data.p |
-| tst3.js:7:32:7:35 | data | tst3.js:7:32:7:37 | data.p |
-| tst3.js:9:37:9:40 | data | tst3.js:9:37:9:42 | data.p |
-| tst3.js:9:37:9:40 | data | tst3.js:9:37:9:42 | data.p |
-| tst3.js:10:38:10:41 | data | tst3.js:10:38:10:43 | data.p |
-| tst3.js:10:38:10:41 | data | tst3.js:10:38:10:43 | data.p |
 | tst.js:2:7:2:39 | target | tst.js:5:18:5:23 | target |
 | tst.js:2:7:2:39 | target | tst.js:5:18:5:23 | target |
 | tst.js:2:7:2:39 | target | tst.js:12:28:12:33 | target |
@@ -1301,8 +1252,6 @@ edges
 | optionalSanitizer.js:45:18:45:56 | sanitiz ...  target | optionalSanitizer.js:26:16:26:32 | document.location | optionalSanitizer.js:45:18:45:56 | sanitiz ...  target | Cross-site scripting vulnerability due to $@. | optionalSanitizer.js:26:16:26:32 | document.location | user-provided value |
 | react-native.js:8:18:8:24 | tainted | react-native.js:7:17:7:33 | req.param("code") | react-native.js:8:18:8:24 | tainted | Cross-site scripting vulnerability due to $@. | react-native.js:7:17:7:33 | req.param("code") | user-provided value |
 | react-native.js:9:27:9:33 | tainted | react-native.js:7:17:7:33 | req.param("code") | react-native.js:9:27:9:33 | tainted | Cross-site scripting vulnerability due to $@. | react-native.js:7:17:7:33 | req.param("code") | user-provided value |
-| react-use-context.js:10:22:10:32 | window.name | react-use-context.js:10:22:10:32 | window.name | react-use-context.js:10:22:10:32 | window.name | Cross-site scripting vulnerability due to $@. | react-use-context.js:10:22:10:32 | window.name | user-provided value |
-| react-use-context.js:16:26:16:36 | window.name | react-use-context.js:16:26:16:36 | window.name | react-use-context.js:16:26:16:36 | window.name | Cross-site scripting vulnerability due to $@. | react-use-context.js:16:26:16:36 | window.name | user-provided value |
 | react-use-state.js:5:51:5:55 | state | react-use-state.js:4:38:4:48 | window.name | react-use-state.js:5:51:5:55 | state | Cross-site scripting vulnerability due to $@. | react-use-state.js:4:38:4:48 | window.name | user-provided value |
 | react-use-state.js:11:51:11:55 | state | react-use-state.js:10:14:10:24 | window.name | react-use-state.js:11:51:11:55 | state | Cross-site scripting vulnerability due to $@. | react-use-state.js:10:14:10:24 | window.name | user-provided value |
 | react-use-state.js:17:51:17:55 | state | react-use-state.js:16:20:16:30 | window.name | react-use-state.js:17:51:17:55 | state | Cross-site scripting vulnerability due to $@. | react-use-state.js:16:20:16:30 | window.name | user-provided value |
@@ -1324,11 +1273,6 @@ edges
 | string-manipulations.js:9:16:9:58 | String. ... n.href) | string-manipulations.js:9:36:9:52 | document.location | string-manipulations.js:9:16:9:58 | String. ... n.href) | Cross-site scripting vulnerability due to $@. | string-manipulations.js:9:36:9:52 | document.location | user-provided value |
 | string-manipulations.js:10:16:10:45 | String( ... n.href) | string-manipulations.js:10:23:10:39 | document.location | string-manipulations.js:10:16:10:45 | String( ... n.href) | Cross-site scripting vulnerability due to $@. | string-manipulations.js:10:23:10:39 | document.location | user-provided value |
 | translate.js:9:27:9:50 | searchP ... 'term') | translate.js:6:16:6:32 | document.location | translate.js:9:27:9:50 | searchP ... 'term') | Cross-site scripting vulnerability due to $@. | translate.js:6:16:6:32 | document.location | user-provided value |
-| tst3.js:4:25:4:32 | data.src | tst3.js:2:42:2:56 | window.location | tst3.js:4:25:4:32 | data.src | Cross-site scripting vulnerability due to $@. | tst3.js:2:42:2:56 | window.location | user-provided value |
-| tst3.js:5:26:5:31 | data.p | tst3.js:2:42:2:56 | window.location | tst3.js:5:26:5:31 | data.p | Cross-site scripting vulnerability due to $@. | tst3.js:2:42:2:56 | window.location | user-provided value |
-| tst3.js:7:32:7:37 | data.p | tst3.js:2:42:2:56 | window.location | tst3.js:7:32:7:37 | data.p | Cross-site scripting vulnerability due to $@. | tst3.js:2:42:2:56 | window.location | user-provided value |
-| tst3.js:9:37:9:42 | data.p | tst3.js:2:42:2:56 | window.location | tst3.js:9:37:9:42 | data.p | Cross-site scripting vulnerability due to $@. | tst3.js:2:42:2:56 | window.location | user-provided value |
-| tst3.js:10:38:10:43 | data.p | tst3.js:2:42:2:56 | window.location | tst3.js:10:38:10:43 | data.p | Cross-site scripting vulnerability due to $@. | tst3.js:2:42:2:56 | window.location | user-provided value |
 | tst.js:5:18:5:23 | target | tst.js:2:16:2:32 | document.location | tst.js:5:18:5:23 | target | Cross-site scripting vulnerability due to $@. | tst.js:2:16:2:32 | document.location | user-provided value |
 | tst.js:8:18:8:126 | "<OPTIO ... PTION>" | tst.js:8:37:8:53 | document.location | tst.js:8:18:8:126 | "<OPTIO ... PTION>" | Cross-site scripting vulnerability due to $@. | tst.js:8:37:8:53 | document.location | user-provided value |
 | tst.js:12:5:12:42 | '<div s ...  'px">' | tst.js:2:16:2:39 | documen ... .search | tst.js:12:5:12:42 | '<div s ...  'px">' | Cross-site scripting vulnerability due to $@. | tst.js:2:16:2:39 | documen ... .search | user-provided value |
diff --git a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
index c7673b911af..5d170f5f80b 100644
--- a/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-079/DomBasedXss/XssWithAdditionalSources.expected
@@ -203,12 +203,6 @@ nodes
 | react-native.js:8:18:8:24 | tainted |
 | react-native.js:9:27:9:33 | tainted |
 | react-native.js:9:27:9:33 | tainted |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
-| react-use-context.js:16:26:16:36 | window.name |
 | react-use-state.js:4:9:4:49 | state |
 | react-use-state.js:4:10:4:14 | state |
 | react-use-state.js:4:38:4:48 | window.name |
@@ -311,27 +305,6 @@ nodes
 | translate.js:7:42:7:60 | target.substring(1) |
 | translate.js:9:27:9:50 | searchP ... 'term') |
 | translate.js:9:27:9:50 | searchP ... 'term') |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) |
-| tst3.js:2:23:2:74 | decodeU ... str(1)) |
-| tst3.js:2:42:2:56 | window.location |
-| tst3.js:2:42:2:56 | window.location |
-| tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:73 | window. ... bstr(1) |
-| tst3.js:4:25:4:28 | data |
-| tst3.js:4:25:4:32 | data.src |
-| tst3.js:4:25:4:32 | data.src |
-| tst3.js:5:26:5:29 | data |
-| tst3.js:5:26:5:31 | data.p |
-| tst3.js:5:26:5:31 | data.p |
-| tst3.js:7:32:7:35 | data |
-| tst3.js:7:32:7:37 | data.p |
-| tst3.js:7:32:7:37 | data.p |
-| tst3.js:9:37:9:40 | data |
-| tst3.js:9:37:9:42 | data.p |
-| tst3.js:9:37:9:42 | data.p |
-| tst3.js:10:38:10:41 | data |
-| tst3.js:10:38:10:43 | data.p |
-| tst3.js:10:38:10:43 | data.p |
 | tst.js:2:7:2:39 | target |
 | tst.js:2:7:2:39 | target |
 | tst.js:2:16:2:32 | document.location |
@@ -851,8 +824,6 @@ edges
 | react-native.js:7:7:7:33 | tainted | react-native.js:9:27:9:33 | tainted |
 | react-native.js:7:17:7:33 | req.param("code") | react-native.js:7:7:7:33 | tainted |
 | react-native.js:7:17:7:33 | req.param("code") | react-native.js:7:7:7:33 | tainted |
-| react-use-context.js:10:22:10:32 | window.name | react-use-context.js:10:22:10:32 | window.name |
-| react-use-context.js:16:26:16:36 | window.name | react-use-context.js:16:26:16:36 | window.name |
 | react-use-state.js:4:9:4:49 | state | react-use-state.js:5:51:5:55 | state |
 | react-use-state.js:4:9:4:49 | state | react-use-state.js:5:51:5:55 | state |
 | react-use-state.js:4:10:4:14 | state | react-use-state.js:4:9:4:49 | state |
@@ -939,26 +910,6 @@ edges
 | translate.js:7:42:7:47 | target | translate.js:7:42:7:60 | target.substring(1) |
 | translate.js:7:42:7:60 | target.substring(1) | translate.js:9:27:9:50 | searchP ... 'term') |
 | translate.js:7:42:7:60 | target.substring(1) | translate.js:9:27:9:50 | searchP ... 'term') |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:4:25:4:28 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:5:26:5:29 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:7:32:7:35 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:9:37:9:40 | data |
-| tst3.js:2:12:2:75 | JSON.pa ... tr(1))) | tst3.js:10:38:10:41 | data |
-| tst3.js:2:23:2:74 | decodeU ... str(1)) | tst3.js:2:12:2:75 | JSON.pa ... tr(1))) |
-| tst3.js:2:42:2:56 | window.location | tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:56 | window.location | tst3.js:2:42:2:63 | window. ... .search |
-| tst3.js:2:42:2:63 | window. ... .search | tst3.js:2:42:2:73 | window. ... bstr(1) |
-| tst3.js:2:42:2:73 | window. ... bstr(1) | tst3.js:2:23:2:74 | decodeU ... str(1)) |
-| tst3.js:4:25:4:28 | data | tst3.js:4:25:4:32 | data.src |
-| tst3.js:4:25:4:28 | data | tst3.js:4:25:4:32 | data.src |
-| tst3.js:5:26:5:29 | data | tst3.js:5:26:5:31 | data.p |
-| tst3.js:5:26:5:29 | data | tst3.js:5:26:5:31 | data.p |
-| tst3.js:7:32:7:35 | data | tst3.js:7:32:7:37 | data.p |
-| tst3.js:7:32:7:35 | data | tst3.js:7:32:7:37 | data.p |
-| tst3.js:9:37:9:40 | data | tst3.js:9:37:9:42 | data.p |
-| tst3.js:9:37:9:40 | data | tst3.js:9:37:9:42 | data.p |
-| tst3.js:10:38:10:41 | data | tst3.js:10:38:10:43 | data.p |
-| tst3.js:10:38:10:41 | data | tst3.js:10:38:10:43 | data.p |
 | tst.js:2:7:2:39 | target | tst.js:5:18:5:23 | target |
 | tst.js:2:7:2:39 | target | tst.js:5:18:5:23 | target |
 | tst.js:2:7:2:39 | target | tst.js:12:28:12:33 | target |
diff --git a/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.expected b/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.expected
index e69de29bb2d..8355db8c6e4 100644
--- a/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/ConsistencyStoredXss.expected
@@ -0,0 +1 @@
+| query-tests/Security/CWE-079/StoredXss/xss-through-torrent.js:7 | expected an alert, but found none | NOT OK |  |
diff --git a/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected b/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
index d6142c980b6..b0062e70b78 100644
--- a/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
+++ b/javascript/ql/test/query-tests/Security/CWE-079/StoredXss/StoredXss.expected
@@ -19,11 +19,6 @@ nodes
 | xss-through-filenames.js:35:29:35:34 | files2 |
 | xss-through-filenames.js:37:19:37:24 | files3 |
 | xss-through-filenames.js:37:19:37:24 | files3 |
-| xss-through-torrent.js:6:6:6:24 | name |
-| xss-through-torrent.js:6:13:6:24 | torrent.name |
-| xss-through-torrent.js:6:13:6:24 | torrent.name |
-| xss-through-torrent.js:7:11:7:14 | name |
-| xss-through-torrent.js:7:11:7:14 | name |
 edges
 | xss-through-filenames.js:7:43:7:48 | files1 | xss-through-filenames.js:8:18:8:23 | files1 |
 | xss-through-filenames.js:7:43:7:48 | files1 | xss-through-filenames.js:8:18:8:23 | files1 |
@@ -46,13 +41,8 @@ edges
 | xss-through-filenames.js:35:13:35:35 | files3 | xss-through-filenames.js:37:19:37:24 | files3 |
 | xss-through-filenames.js:35:22:35:35 | format(files2) | xss-through-filenames.js:35:13:35:35 | files3 |
 | xss-through-filenames.js:35:29:35:34 | files2 | xss-through-filenames.js:35:22:35:35 | format(files2) |
-| xss-through-torrent.js:6:6:6:24 | name | xss-through-torrent.js:7:11:7:14 | name |
-| xss-through-torrent.js:6:6:6:24 | name | xss-through-torrent.js:7:11:7:14 | name |
-| xss-through-torrent.js:6:13:6:24 | torrent.name | xss-through-torrent.js:6:6:6:24 | name |
-| xss-through-torrent.js:6:13:6:24 | torrent.name | xss-through-torrent.js:6:6:6:24 | name |
 #select
 | xss-through-filenames.js:8:18:8:23 | files1 | xss-through-filenames.js:7:43:7:48 | files1 | xss-through-filenames.js:8:18:8:23 | files1 | Stored cross-site scripting vulnerability due to $@. | xss-through-filenames.js:7:43:7:48 | files1 | stored value |
 | xss-through-filenames.js:26:19:26:24 | files1 | xss-through-filenames.js:25:43:25:48 | files1 | xss-through-filenames.js:26:19:26:24 | files1 | Stored cross-site scripting vulnerability due to $@. | xss-through-filenames.js:25:43:25:48 | files1 | stored value |
 | xss-through-filenames.js:33:19:33:24 | files2 | xss-through-filenames.js:25:43:25:48 | files1 | xss-through-filenames.js:33:19:33:24 | files2 | Stored cross-site scripting vulnerability due to $@. | xss-through-filenames.js:25:43:25:48 | files1 | stored value |
 | xss-through-filenames.js:37:19:37:24 | files3 | xss-through-filenames.js:25:43:25:48 | files1 | xss-through-filenames.js:37:19:37:24 | files3 | Stored cross-site scripting vulnerability due to $@. | xss-through-filenames.js:25:43:25:48 | files1 | stored value |
-| xss-through-torrent.js:7:11:7:14 | name | xss-through-torrent.js:6:13:6:24 | torrent.name | xss-through-torrent.js:7:11:7:14 | name | Stored cross-site scripting vulnerability due to $@. | xss-through-torrent.js:6:13:6:24 | torrent.name | stored value |