Merge pull request #17 from ragusa-it/sentinel-contact-form-security-13396691456148792037

🛡️ Sentinel: Add input sanitization and validation to Contact form

src/utils/security.ts

@@ -0,0 +1,18 @@
+/**
+ * Sanitizes user input by encoding special HTML characters.
+ * Prevents XSS attacks by ensuring input is treated as text, not HTML.
+ *
+ * @param input - The raw string input from the user.
+ * @returns The sanitized string with special characters encoded.
+ */
+export function sanitizeInput(input: string): string {
+  if (typeof input !== "string") {
+    return input;
+  }
+  return input
+    .replace(/&/g, "&")
+    .replace(/</g, "&lt;")
+    .replace(/>/g, "&gt;")
+    .replace(/"/g, "&quot;")
+    .replace(/'/g, "&#039;");
+}