Good day, Lorenzo,

First, thanks for stopping by and sharing your suggestions with all the potential readers for this article.

For your suggestion of using the "Validator service" itself (for the "Lack of Input Validation" pitfall), you are right, and I have added another block with that solution and also provided an example. Thanks for highlighting this option, as not every project might use Forms.

Regarding the HTML Sanitizer component, I need to say that I understand the importance of not reinventing the wheel. I have added another block and an example for those interested in this solution. However, I believe it might not be the most suitable case unless you build monolithic apps.

Although it is a valid solution, I need to say that (based on my experience) it might be overloading your micro-projects or AMQP consumers. Please bear in mind I suggested a simple operation using a built-in PHP function. Hopefully, you can better understand my point of view after seeing a recommendation by Tobias Nyholm, one of the Symfony Core team members, back at the SymfonyLive London 2018 event.

SymfonyLive London 2018 - Tobias Nyholm - Symfony without the framework bundle: https://www.youtube.com/watch?v=K-snWvHygxs