Are inputs from LWC design attributes considered untrusted and what constitutes user-controlled input?
Answer
**LWC Design Attributes:**
Yes, inputs from LWC design attributes, even if configurable only by administrators, are considered untrusted and must be sanitized. Public or global component attributes are assumed to potentially contain attacker-controlled inputs unless explicitly sanitized by the component.
**User-Controlled Input Definition:**
In the context of Lightning Web Components, user-controlled input refers to any data or parameters that are provided or influenced by the user. This includes:
- URL parameters
- Cookies
- Headers
- Data retrieved from methods like `getParameters()` or `getAnchor()` in APIs or components
It's essential to validate and sanitize these inputs to prevent security vulnerabilities.
Recommended Answer Update
**LWC Design Attributes:**
Yes, inputs from LWC design attributes, even if configurable only by administrators, are considered untrusted and must be sanitized. Public or global component attributes are assumed to potentially contain attacker-controlled inputs unless explicitly sanitized by the component.
**User-Controlled Input Definition:**
In the context of Lightning Web Components, user-controlled input refers to any data or parameters that are provided or influenced by the user. This includes:
- URL parameters
- Cookies
- Headers
- Data retrieved from methods like `getParameters()` or `getAnchor()` in APIs or components
It's essential to validate and sanitize these inputs to prevent security vulnerabilities like XSS (Cross-Site Scripting).
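The sanitization the answer calls for, as an added example (not Salesforce's or this FAQ's own code): helpers that a component's public-property setters could call on design-attribute values before they reach a link or a markup sink. The function names, the attribute names (`title`, `linkUrl`, `variant`) and the https-only policy are assumptions made for illustration.

```javascript
// Added example. All names below are hypothetical, not part of any LWC API.
const ALLOWED_SCHEMES = new Set(['https:']); // assumed policy: https links only
const ALLOWED_VARIANTS = ['info', 'warning', 'error'];
const HTML_ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Escape text that will be concatenated into markup, so it stays inert there.
function escapeHtml(value) {
  return String(value ?? '').replace(/[&<>"']/g, (c) => HTML_ENTITIES[c]);
}

// Accept only absolute URLs with an allowed scheme; anything else becomes the fallback.
function safeLinkUrl(value, fallback = '#') {
  if (typeof value !== 'string') return fallback;
  let url;
  try {
    url = new URL(value.trim());
  } catch {
    return fallback; // empty, relative or malformed
  }
  // URL lowercases the scheme, so mixed-case variants are compared correctly.
  return ALLOWED_SCHEMES.has(url.protocol) ? url.href : fallback;
}

// Constrain an enumerated design attribute to its known values.
function safeVariant(value, fallback = 'info') {
  return ALLOWED_VARIANTS.includes(value) ? value : fallback;
}

// Normalise every design-attribute value in one place, treating all as untrusted.
function sanitizeDesignAttributes(raw = {}) {
  return {
    title: escapeHtml(String(raw.title ?? '').slice(0, 80)), // cap length, then escape
    linkUrl: safeLinkUrl(raw.linkUrl),
    variant: safeVariant(raw.variant),
  };
}

// Constructed sample: values as an administrator might have entered them.
const sample = { title: '<b>Hi</b>', linkUrl: 'javascript:alert(1)', variant: 'huge' };
console.log(sanitizeDesignAttributes(sample));
```
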
Reasoning
The FAQ content is accurate and well-structured. The only minor improvement is adding 'like XSS (Cross-Site Scripting)' to the final sentence to make it more specific about what security vulnerabilities can occur from unsanitized inputs. This provides better context for developers about why sanitization matters.
Related security rules selected:
1. `@lwc/lwc/no-inner-html` - This rule directly relates to the FAQ's discussion of LWC design attributes and the need to sanitize inputs in Lightning Web Components to prevent XSS vulnerabilities.
2. `ApexXSSFromURLParam` - This rule is relevant because the FAQ specifically mentions 'URL parameters' as user-controlled input that must be validated and sanitized.
3. `ApexXSSFromEscapeFalse` - This rule relates to the FAQ's emphasis on sanitizing inputs to prevent XSS attacks, which is the core security concern addressed.
4. `AvoidUnescapedHtmlInAura` - While this is Aura-specific, it relates to the same principle discussed in the FAQ about sanitizing component inputs to prevent XSS vulnerabilities.