Add validation for doc ID and attachment names

[ricellis]

Checklist

• [x] Tick to sign-off your agreement to the Developer Certificate of Origin (DCO) 1.1
• [x] Added tests for code changes or test/build only changes
• [x] Updated the change log file (CHANGES.md|CHANGELOG.md) or test/build only changes
• [x] Completed the PR template below:

Description

Add validation for doc ID and attachment names

1. Steps to reproduce and the simplest code sample possible to demonstrate the issue

Use an invalid document ID or attachment name.

2. What you expected to happen

The request to fail.

3. What actually happened

The request is passed to the server.

Approach

Add validation to functions that access document IDs or attachments to prevent clash with system paths.

Schema & API Changes

• Behaviour change, errors thrown before server request.

Security and Privacy

• Enhances security by providing a fallback in the event consuming applicaitons to not sanitize user input.

Testing

• Added new tests for many doc ID and attachment name validation scenarios.

Monitoring and Logging

• "No change"