[CVE] Handle invalid query, index and date in vega charts filter handlers

[bandinib-amzn]

Description

Potential way to prevent XSS vulnerability discovered in the Vega charts OSD integration.

CVE link:
https://nvd.nist.gov/vuln/detail/CVE-2022-23713

Signed-off-by: Bandini Bhopi bandinib@amazon.com

Testing:

Sanity testing by creating Vega visualization from Vega Example Gallery

Check List

• New functionality includes testing.
  • All tests pass
    • yarn test:jest
    • yarn test:jest_integration
    • yarn test:ftr
• New functionality has been documented.
• Commits are signed per the DCO using --signoff

[kavilla]

Looks pretty good! Just some license headers stuff and we can probably backport this to the 1.x branch.

[codecov-commenter]

Codecov Report

Merging #1932 (995df04) into main (57a751e) will increase coverage by 0.01%.
The diff coverage is 84.44%.

@@            Coverage Diff             @@
##             main    #1932      +/-   ##
==========================================
+ Coverage   67.48%   67.50%   +0.01%     
==========================================
  Files        3076     3077       +1     
  Lines       59144    59184      +40     
  Branches     8989     9003      +14     
==========================================
+ Hits        39915    39953      +38     
- Misses      17044    17045       +1     
- Partials     2185     2186       +1     

Impacted Files	Coverage Δ
...s/vis_type_vega/public/vega_view/vega_base_view.js	55.55% <0.00%> (ø)
packages/osd-std/src/validate_object.ts	91.30% <91.30%> (ø)
...c/plugins/vis_type_vega/public/data_model/utils.ts	73.33% <100.00%> (+34.87%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us.

[manasvinibs]

LGTM