SAP / project-foxhound

A web browser with dynamic data-flow tracking enabled in the JavaScript engine and DOM, based on Mozilla Firefox (https://github.com/mozilla/gecko-dev). It can be used to identify insecure data flows or data privacy leaks in client-side web applications.
GNU General Public License v3.0

Taint loss in URLHelper #186

Closed tmbrbr closed 10 months ago

tmbrbr commented 10 months ago

The URLHelper SerializeString method loops over characters to build an escaped output string:

https://github.com/SAP/project-foxhound/blob/d9f74c7ef05fd4558d6c0700231e7ce84ca441f2/netwerk/base/nsURLHelper.cpp#L1330

Currently the taint information is not propagated.
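
An added example, not part of the issue and not Foxhound's code: a minimal model of carrying taint ranges through a character-by-character escaping loop, where output offsets shift because one input byte can expand to three. The `TaintRange` and `TaintedString` types, the escape rule, and the source labels are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical taint model for illustration; these are not Foxhound's classes.
struct TaintRange { size_t begin, end; std::string source; };  // covers [begin, end)
struct TaintedString { std::string text; std::vector<TaintRange> taint; };

// Returns the range covering input index i, or nullptr if that byte is untainted.
static const TaintRange* RangeAt(const std::vector<TaintRange>& ranges, size_t i) {
  for (const auto& r : ranges)
    if (i >= r.begin && i < r.end) return &r;
  return nullptr;
}

// Escapes byte by byte. One input byte may become one or three output bytes,
// so input offsets cannot be copied; each output run inherits the taint of
// the input byte that produced it.
TaintedString EscapeWithTaint(const TaintedString& in) {
  TaintedString out;
  for (size_t i = 0; i < in.text.size(); ++i) {
    unsigned char c = static_cast<unsigned char>(in.text[i]);
    size_t start = out.text.size();
    if (c == ' ') {
      out.text += '+';
    } else if (std::isalnum(c) || c == '*' || c == '-' || c == '.' || c == '_') {
      out.text += static_cast<char>(c);
    } else {
      char buf[12];
      std::snprintf(buf, sizeof buf, "%%%02X", static_cast<unsigned>(c));
      out.text += buf;
    }
    const TaintRange* r = RangeAt(in.taint, i);
    if (!r) continue;  // untainted byte: nothing to carry over
    if (!out.taint.empty() && out.taint.back().end == start &&
        out.taint.back().source == r->source)
      out.taint.back().end = out.text.size();  // grow the current output range
    else
      out.taint.push_back({start, out.text.size(), r->source});
  }
  return out;
}

// Constructed sample: "a b" and "<x>" are tainted, "q=" and "&" are not.
TaintedString EscapeSample() {
  return EscapeWithTaint({"q=a b&<x>", {{2, 5, "source-A"}, {6, 9, "source-B"}}});
}
```

A loop that only appends to the output string returns the same text with an empty `taint` vector, which is the loss the issue describes.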