Fix security vulnerabilities: XSS, postMessage origin validation, and…#491

Draft
Syedsmaeel wants to merge 1 commit into ProtonMail:main from Syedsmaeel:security-fixes

Conversation

@Syedsmaeel

Security Hardening: XSS Prevention and Cross-Window Communication Security

This PR implements critical security improvements and "defense-in-depth" measures across several applications within the Proton WebClients
monorepo. The focus is on preventing Cross-Site Scripting (XSS), securing postMessage communication, and hardening external link handling.

Key Changes

  1. Account Application: XSS Prevention
  • Issue: The user signature was rendered directly using dangerouslySetInnerHTML in the mobile address section without client-side sanitization.
  • Fix: Integrated @proton/sanitize and applied sanitizeMessage() to all signature rendering. This ensures that even if malicious content reaches
    the client, it is neutralized before being injected into the DOM.
  • Files: applications/account/src/lite/components/Address/MobileAddressSection.tsx, applications/account/package.json
  2. Wallet Application: postMessage Origin Validation
  • Issue: The Bitcoin checkout component listened for window messages without validating the event.origin, and checkout success/failure pages sent
    messages using the wildcard * target.
  • Fix:
    • Implemented strict origin validation in Checkout/index.tsx, allowing only the local origin and the verified volt.io domain.
    • Replaced wildcard target origins with window.location.origin in all static checkout HTML files to prevent sensitive state leakage.
  • Files: applications/wallet/src/app/components/BitcoinBuyModal/Checkout/index.tsx, applications/wallet/public/checkout/*.html
  3. Docs Application: Secure Document Duplication
  • Issue: The PublicDocumentCopier component processed postMessage requests for document copying without verifying the source.
  • Fix: Added origin validation to the message listener to ensure requests only originate from authorized Proton Docs instances.
  • Files: applications/docs/src/app/routes/(user)/(document)/doc/__components/PublicDocumentCopier.tsx
  4. Account Application: SSO Token Protection
  • Issue: The external SSO consumer used postMessage without a specific target origin, potentially exposing SSO tokens to malicious windows.
  • Fix: Hardened the postMessage call to explicitly target window.location.origin.
  • Files: applications/account/src/app/content/ExternalSSOConsumer.tsx
  5. General: External Link Hardening
  • Issue: Several external links using target="_blank" were missing rel="noopener noreferrer".
  • Fix: Conducted a sweep and added the missing attributes to protect against "tabnabbing" attacks and improve browser performance.
  • Files: Various components in docs, wallet, and account.

Impact
These changes reduce the attack surface for cross-site attacks and ensure that sensitive user data (like SSO tokens and payment status) is handled
securely during cross-window interactions.
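The two postMessage controls the description relies on in items 2 to 4, receiver-side origin allow-listing and a sender that refuses the wildcard target, as an added example that is not code from this PR or from the Proton WebClients repository. The allow-listed origins, the message type names and the fake window object are constructed placeholders, and `normalizeOrigin`, `createMessageHandler` and `postToWindow` are hypothetical names. The receiver compares whole canonical origins (scheme, host and port) rather than substrings, which is what makes look-alike hosts such as `checkout.volt.example.attacker.test` fail the check.

```javascript
// Added example (not from the ProtonMail/WebClients PR): origin allow-listing for
// window.postMessage receivers and an explicit-target sender. The origins below
// are constructed placeholders, not Proton's or volt.io's real configuration.

// Normalise an origin string to scheme://host[:port]. Returns null for opaque
// origins ("null", e.g. sandboxed frames or file:) and for anything that is not
// a well-formed URL, so those can never match an allow-list entry.
function normalizeOrigin(value) {
  if (typeof value !== 'string' || value === 'null') return null;
  let url;
  try {
    url = new URL(value);
  } catch {
    return null;
  }
  // URL.origin lower-cases the host and drops default ports, so the
  // allow-list and event.origin compare in one canonical form.
  return url.origin === 'null' ? null : url.origin;
}

// Receiver side: wrap the application callback so it only ever sees messages
// whose event.origin is an exact member of the allow-list and whose payload has
// the expected shape. The return value reports the decision for logging/tests;
// in the browser you would register the result with window.addEventListener('message', ...).
function createMessageHandler(allowlist, onMessage) {
  const trusted = new Set(allowlist.map(normalizeOrigin).filter(Boolean));
  return function handleMessage(event) {
    if (!trusted.has(normalizeOrigin(event.origin))) {
      return { accepted: false, reason: 'untrusted-origin' };
    }
    const data = event.data;
    if (data === null || typeof data !== 'object' || typeof data.type !== 'string') {
      return { accepted: false, reason: 'malformed-payload' };
    }
    onMessage(data, event.origin);
    return { accepted: true, reason: null };
  };
}

// Sender side: never post with targetOrigin '*'. With an explicit origin the
// browser drops the message if the receiving window has navigated elsewhere,
// so a token or payment status cannot land in a window the sender did not intend.
function postToWindow(targetWindow, message, targetOrigin) {
  const normalized = normalizeOrigin(targetOrigin);
  if (targetOrigin === '*' || normalized === null) {
    throw new Error('refusing to postMessage without an explicit, well-formed target origin');
  }
  targetWindow.postMessage(message, normalized);
  return normalized;
}

// Constructed allow-list: the app's own origin plus one payment-provider origin.
const ALLOWED_ORIGINS = ['https://wallet.example.test', 'https://checkout.volt.example'];

// Receiver demo over constructed events; returns the decisions for inspection.
function runReceiverDemo() {
  const received = [];
  const handle = createMessageHandler(ALLOWED_ORIGINS, (data, origin) => {
    received.push(`${origin}:${data.type}`);
  });
  const results = [
    handle({ origin: 'https://checkout.volt.example', data: { type: 'payment-success' } }), // exact match
    handle({ origin: 'https://checkout.volt.example.attacker.test', data: { type: 'payment-success' } }), // look-alike host
    handle({ origin: 'http://checkout.volt.example', data: { type: 'payment-success' } }), // wrong scheme
    handle({ origin: 'null', data: { type: 'payment-success' } }), // opaque origin
    handle({ origin: 'https://checkout.volt.example', data: 'payment-success' }), // payload not an object
  ];
  return { results, received };
}

// Sender demo with a fake window object standing in for window.opener/parent.
function runSenderDemo() {
  const sent = [];
  const fakeWindow = { postMessage: (msg, target) => sent.push(target) };
  postToWindow(fakeWindow, { type: 'sso-complete', token: 'PLACEHOLDER_TOKEN' }, 'https://wallet.example.test');
  let rejectedWildcard = false;
  try {
    postToWindow(fakeWindow, { type: 'sso-complete', token: 'PLACEHOLDER_TOKEN' }, '*');
  } catch {
    rejectedWildcard = true;
  }
  return { sent, rejectedWildcard };
}
```

In a real page the allow-list is a fixed constant known at build time, not anything derived from the incoming message, and the same `normalizeOrigin` is applied to both sides so that a configuration entry like `HTTPS://Checkout.VOLT.example:443` still matches the canonical `event.origin` the browser supplies.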

@Syedsmaeel Syedsmaeel marked this pull request as draft April 22, 2026 16:30