Add Handlebars validation to nodes with template fields

[chrisli30]

Problem

Multiple nodes use Handlebars templates in their configuration (e.g., method_params, template fields) but currently don't validate the template size. This is a potential DoS vector.

Nodes Using Handlebars

Based on studio components analysis:

• BranchNode - template expressions
• ContractReadNode - method_params templates
• ContractWriteNode - method_params templates
• EmailNode - template fields
• LoopNodeContractRead - method_params templates
• LoopNodeContractWrite - method_params templates
• LoopNodeRestApi - template fields
• TelegramNode - template fields

Solution

Add hardcoded ValidateInputByLanguage(field, avsproto.Lang_LANG_HANDLEBARS) calls to these nodes.

The validation function already exists in validation_constants.go:

• ✅ ValidateHandlebarsFormat() - 100KB size limit
• ✅ Integrated into ValidateInputByLanguage()

Implementation

For each node, add validation similar to:

// ContractReadNode example
for _, methodCall := range node.Config.MethodCalls {
    for _, param := range methodCall.MethodParams {
        if err := ValidateInputByLanguage(param, avsproto.Lang_LANG_HANDLEBARS); err != nil {
            return nil, fmt.Errorf("method_params validation failed: %w", err)
        }
    }
}

Benefits

• Consistent DoS protection across all Handlebars usage
• Same 100KB limit as JavaScript/GraphQL
• Centralized validation (no duplicate code)

Related

• Part of input validation enhancement (PR feat: Add comprehensive input validation with size limits and JSON validation #408)
• Follows same pattern as JavaScript/GraphQL validation