The ability to use Sanitization and Escaping Functions could help eliminate the acceptance of scripts in fields.
Example of text entered in a single line text field "Name" on Account Entity:
Comments
Could not post the entire comment the first time so continuing here:
Example of text entered in a single line text field "Name" on Account Entity: alert
This will be stored successfully. When a user requests data of this record, they are able to see the field with data as is and no sanitization/cleanup. stays as is.
ASK:
1. Can OOB functionality be introduced to Sanitize and Escape such tags while saving or rendering data output?
2. If OOB functionality can be introduced, can we allow a field-level option to enable/disable Sanitization and Escaping Functions to eliminate the ability to store data as scripts? This way Customers can choose which fields allow scripts and which don't. This way not all customers will be impacted by the change.
Category: Unified Experience: Search, navigation and performance
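
The two asks above, sketched as an added example that is not part of the original post and is not Dynamics 365 code: escaping on render plus an optional save-time check, both driven by a per-field policy. The field names, the policy shape and the sample values are assumptions constructed for illustration.

```javascript
// Added example. Field names and policy keys are hypothetical, not a product API.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape on output: markup characters become entities, so stored text renders as text.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Ask 2: per-field switches. A field with no entry gets the safe default.
const DEFAULT_POLICY = { escapeOnRender: true, rejectMarkupOnSave: false };
const fieldPolicies = {
  'account.name': { rejectMarkupOnSave: true },      // strictest: refuse tags at save
  'account.description': {},                          // store as typed, escape on render
  'account.htmlnote': { escapeOnRender: false },      // explicit opt-out by the customer
};

function policyFor(field) {
  return { ...DEFAULT_POLICY, ...(fieldPolicies[field] || {}) };
}

// Ask 1, save side: refuse values containing something shaped like an HTML tag.
// "<3" or "a < b" do not match, so ordinary text with "<" is still accepted.
const TAG_LIKE = /<\/?[a-zA-Z][^>]*>/;

function validateOnSave(field, value) {
  if (policyFor(field).rejectMarkupOnSave && TAG_LIKE.test(String(value))) {
    return { ok: false, reason: `${field}: markup is not allowed in this field` };
  }
  return { ok: true, value: String(value) };
}

// Ask 1, render side: escape unless the field has opted out.
function renderField(field, value) {
  return policyFor(field).escapeOnRender ? escapeHtml(value) : String(value);
}

// Constructed sample input, standing in for the value described in the post.
const SAMPLE = '<script>alert(1)</script>';
console.log(validateOnSave('account.name', SAMPLE));     // rejected at save
console.log(renderField('account.description', SAMPLE)); // stored, but shown as text
```

Escaping at render time protects records that were saved before the policy existed; the save-time check alone does not.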