STOP-1246 security fix changes

[SB-venkatyadavilli]

Elements Default PR Template

STOP-1246

In general, make sure you have: (check the boxes to acknowledge you've followed this template)

Description

For Lack of Encoding, we have applied the fix, all user-supplied data within the parameterValues is now sanitized before being processed by the application.

How Has This Been Tested?

Tested it locally.

Screenshot(s)/recordings(s)

Input

Before

After

• Read CONTRIBUTING.md

Other Available PR Templates:

• Release: https://github.com/stoplightio/elements/compare?template=release.md
  • Read the release section of CONTRIBUTING.md

[netlify]

❌ Deploy Preview for stoplight-elements failed.

Name	Link
🔨 Latest commit	edbfad9
🔍 Latest deploy log	https://app.netlify.com/projects/stoplight-elements/deploys/687f57a8d452820008262402

[netlify]

✅ Deploy Preview for stoplight-elements-demo ready!

Name	Link
🔨 Latest commit	edbfad9
🔍 Latest deploy log	https://app.netlify.com/projects/stoplight-elements-demo/deploys/687f57a8f257160008d8f67b
😎 Deploy Preview	https://deploy-preview-2806--stoplight-elements-demo.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[prafullaAtSB]

I can see domspurify package usage in elements core only. Why can't we add the in elements-core package.json?

[SB-venkatyadavilli]

I can see domspurify package usage in elements core only. Why can't we add the in elements-core package.json?

@prafullaAtSB, Have moved dompurify package from global to elements-core package.json

[prafullaAtSB]

Changes are good to go ahead.

[bhaskarsontakke]

Thanks for addressing all the review comments. The changes look good to me