- Harden XSS protection with escapeHtml on all rendered output values
- Add empty_fallback support for empty cell display across all view types
- Fix reCAPTCHA default action to 'submit' matching JS side
- Move reCAPTCHA token generation from inline PHP to public.js
- Lower default reCAPTCHA min score from 0.5 to 0.3
- Improve reCAPTCHA token age check and preload error handling
- Add form submit handler for enter key support
- Increase waitForRecaptcha timeout to 10 seconds
- Show button/color settings only for button output types
- Remove debug console.log and error_log statements
- Bump version to 1.4.10
Trim CSV headers and row values in fetch_remote_csv_data() to prevent
whitespace in column names (e.g. "OTP ") from breaking the validation
lookup against sanitized field config keys.
