Update XSS prevention guide

[AlexMaxHorkun]

Purpose of this pull request

This pull request (PR) will update invalid use cases for PHTML escaping, provide guidance on XSS prevention in other areas but .phtml templates

Affected DevDocs pages

• https://devdocs.magento.com/guides/v2.3/extension-dev-guide/xss-protection.html
• https://devdocs.magento.com/guides/v2.3/frontend-dev-guide/templates/template-security.html
• https://devdocs.magento.com/guides/v2.2/extension-dev-guide/xss-protection.html
• https://devdocs.magento.com/guides/v2.2/frontend-dev-guide/templates/template-security.html

Links to Magento source code

• https://github.com/magento/magento2/blob/2.3-develop/lib/internal/Magento/Framework/Escaper.php

whatsnew
Updated the XSS Prevention Strategy topic to correct invalid use cases for PHTML escaping and provide guidance on XSS prevention in other areas.

[devops-devdocs]

An admin must run tests on this PR before it can be merged.

[AlexMaxHorkun]

https://devdocs.magento.com/guides/v2.3/frontend-dev-guide/templates/template-security.html page must either be removed or redirect to https://devdocs.magento.com/guides/v2.3/extension-dev-guide/xss-protection.html so we would only have one anti-XSS guide to support

[jeff-matthews]

@jcalcaben, is this ready to test and merge?

[jcalcaben]

yes, I plan on processing this the next chance I get

[jcalcaben]

running tests

[jcalcaben]

running tests

[ghost]

Hi @AlexMaxHorkun, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.