JS: Accept a spurious alert

Unlike the previous case 'isLocalUrl' actually resolves to a function in this case, but we don't recognise the sanitiser used in it. Fixing it is out of scope for this PR.

javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/ServerSideUrlRedirectGood2.js

@@ -15,7 +15,7 @@ app.get("/redirect", function (req, res) {
   // OK - check that we don't redirect to a different host
   let target = req.query["target"];
   if (isLocalUrl(target)) {
-    res.redirect(target);
+    res.redirect(target); // $ SPURIOUS: Alert - sanitiser not recognised
   } else {
     res.redirect("/");
   }