Types of change
[x] Enhancement (change which improves upon an existing feature)
[ ] New feature (change which adds new functionality)
Description
Adds context-specific late escaping filters to improve XSS security. This ensures that escaping does not interfere with other logic use cases, in the code it is clear that the string is escaped at output, and any changes further up in the logic will not open up the same vulnerabilities in the future.
https://developers.hubspot.com/docs/cms/hubl/filters#escape-html
https://developers.hubspot.com/docs/cms/hubl/filters#escape-attr
https://developers.hubspot.com/docs/cms/hubl/filters#escape-url
https://developers.hubspot.com/docs/cms/hubl/filters#escape-js
https://developers.hubspot.com/docs/cms/hubl/filters#sanitize-html
Relevant links
Example page:
GitHub issue:
Checklist
People to notify
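
The late-escaping pattern this pull request describes, shown as an added example that is not code from the pull request itself. It uses the five HubL filters linked above; the field names (`module.category`, `module.link_url`, `module.link_title`, `module.body`) are hypothetical module fields.

```hubl
{# Added example; all module field names are hypothetical. #}

{# Early escaping: the value is escaped where it is set, so later
   logic sees the entity-encoded string instead of the raw one. #}
{% set category_early = module.category|escape_html %}
{% if category_early == "R&D" %}
  {# Not reached for the value R&D: the variable now holds R&amp;D #}
  <span class="badge">Research</span>
{% endif %}

{# Late escaping: logic runs on the raw value, and each output
   expression carries the filter that matches its context. #}
{% set category = module.category %}
{% if category == "R&D" %}
  <span class="badge">Research</span>
{% endif %}

{# HTML text context #}
<h2>{{ category|escape_html }}</h2>

{# URL context for href, attribute context for title #}
<a href="{{ module.link_url|escape_url }}" title="{{ module.link_title|escape_attr }}">
  {{ module.link_title|escape_html }}
</a>

{# Markup that must keep its tags: sanitize instead of escaping #}
<div class="body">{{ module.body|sanitize_html }}</div>

{# JavaScript string context #}
<script>
  var category = "{{ category|escape_js }}";
</script>
```

Because the filter sits on the output expression, a reviewer can confirm each context is covered by reading the template line alone, without tracing where the variable was set.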