Tainted mode for Javascript and tools for identifying DOM XSS (similar to DOMinator) would be really useful for security testing and audits of the modern complex sites. There is a bug open https://bugzilla.mozilla.org/show_bug.cgi?id=811877 - hopefully it can be given sufficiently high attention and priority!