JS: Use an actual sanitizer in test

We got a spurious alert on the following line because 'isLocalURL' is not defined and we don't rely on heuristic name-guessing for sanitisers anymore. This restores the intended behaviour of the test but with an actual sanitiser.

Author: asgerf

javascript/ql/test/query-tests/Security/CWE-601/ServerSideUrlRedirect/express.js

@@ -23,7 +23,7 @@ app.get('/some/other/path2', function(req, res) {
 
 app.get('/some/path', function(req, res) {
   var target = req.param("target");
-  if (isLocalURL(target))
+  if (target.startsWith("https://example.com/"))
     // OK - request parameter is sanitized before incorporating it into the redirect
     res.redirect(target);
   else