codeql
Add `client-response` Threat Model and update JS ClientsRequests
I've added the client-response threat model to the Threat Modelling shared library. This is a new local threat model that includes the sources of client libraries (mainly focusing on JavaScript / TypeScript).
This is needed to discover XSS or other types of security issues when the source of untrusted data is the response content of REST, GraphQL, SOAP, etc. clients.
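
The kind of flow this threat model is meant to surface, shown as an added example that is not part of the pull request or the CodeQL code base: a field from a client response reaches an HTML sink, first unescaped and then escaped. The response body is constructed, and `SAMPLE_BODY`, `parseProfile`, `renderBioUnsafe`, `renderBioSafe` and `escapeHtml` are hypothetical names.

```javascript
// Constructed sample: raw body as a REST client (fetch, axios, ...) might
// receive it. The "bio" field carries markup stored by a third party.
const SAMPLE_BODY = '{"name":"alice","bio":"<img src=x onerror=alert(1)>"}';

// Source: every value parsed out of the response is untrusted, even though
// the request itself was made by our own code to an API we chose.
function parseProfile(bodyText) {
  const data = JSON.parse(bodyText);
  return { name: String(data.name), bio: String(data.bio) };
}

// Sink with no sanitizer in between: the response field is concatenated
// into markup. Assigning this string to innerHTML would run the handler.
function renderBioUnsafe(profile) {
  return '<div class="bio">' + profile.bio + "</div>";
}

// Minimal HTML-text escaper for element content and quoted attributes.
const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (c) => ESCAPES[c]);
}

// Same sink, but the tainted value is escaped before it reaches the markup.
function renderBioSafe(profile) {
  return '<div class="bio">' + escapeHtml(profile.bio) + "</div>";
}

// Stand-alone run: print both renderings for comparison.
const profile = parseProfile(SAMPLE_BODY);
console.log("unsafe:", renderBioUnsafe(profile));
console.log("safe:  ", renderBioSafe(profile));
```

A taint analysis that only treats inbound HTTP requests as sources sees nothing to track in `renderBioUnsafe`; treating the client response as a source is what connects `parseProfile` to the sink.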