hackademix.net

name.xss

Usage:

http://evil.hackademix.net/name.xss/[separator]http://target.site.com/whatever?you=want[separator|///[[domID][,html|url],post]]

separator is an optional non-word character sequence (\W+) used to terminate the target site URL, especially if extra parameters are given. If omitted, defaults to "///".

domID is the id of the DOM element to be replaced by our test payload. If none is found with that id, the whole body is replaced.

html, if specified, requests an HTML iframe-based payload to be injected directly into the HTML content.

url, if specified, URL-encodes our payload as a well-formed javascript: URL. Note that most of the time you don't need this, because "javascript:" is prepended to the JS payload anyway (as a label) and URL encoding is usually unnecessary when assigning to window.location.

post, if specified, strips the query string from the target and turns it into POST data when performing the redirection.

-- ma1
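
To make the syntax above concrete, here is an added sketch (not the tool's own code, and not by its author) that splits the text following name.xss/ into its fields, for example when reviewing test requests in a proxy log. The function name parseNameXss, the result field names, and the rules "options are comma-separated with domID first" and "the first separator match ends the target" are assumptions: one reading of the usage line, not confirmed behaviour.

```javascript
// Added example, not the tool's code: one reading of the name.xss usage line.
// Input is the raw text that follows ".../name.xss/" in the requested URL.
function parseNameXss(rest) {
  let separator = '///';                    // documented default
  const lead = /^\W+/.exec(rest);           // optional leading separator (\W+)
  if (lead) {
    separator = lead[0];
    rest = rest.slice(separator.length);
  }
  // Assumption: the target ends at the first occurrence of the chosen
  // separator or, failing that, of "///".
  let cut = -1, cutLen = 0;
  for (const s of [separator, '///']) {
    const i = rest.indexOf(s);
    if (i !== -1) { cut = i; cutLen = s.length; break; }
  }
  const target = cut === -1 ? rest : rest.slice(0, cut);
  const options = cut === -1 ? '' : rest.slice(cut + cutLen);

  // Assumption: options are comma-separated; the first field is domID (may be empty).
  const [domId = '', ...flags] = options.split(',');
  const unknown = flags.filter(f => !['html', 'url', 'post'].includes(f));
  if (unknown.length) throw new Error('unknown option: ' + unknown.join(','));
  if (flags.includes('html') && flags.includes('url'))
    throw new Error('html and url are alternatives');

  const result = {
    separator,
    target,
    domId: domId || null,                   // null: the whole body is replaced
    payload: flags.includes('html') ? 'html' : flags.includes('url') ? 'url' : 'js',
    post: flags.includes('post'),
    postData: null,
  };
  if (result.post) {                        // query string becomes POST data
    const q = target.indexOf('?');
    if (q !== -1) {
      result.postData = target.slice(q + 1);
      result.target = target.slice(0, q);
    }
  }
  return result;
}
```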