Text this: Towards removing cross-site scripting vulnerabilities from mobile web applications