Browsing: how to find dom-based xss