I want to implement the XSSSanitize java action from CommunityCommons to make sure there is no html code inside my inputs. Should I add the java action as an event handler to the entity inside the domain model, if so, what should I put as input for the parameter html and since i do not want any code to be inside my input widgets, does this mean that I should not select any policy?