Replace blacklist/whitelist in doc//development/secure_coding_guidelines.md

URL: https://docs.gitlab.com/ee/development/secure_coding_guidelines.html

grep -R -E 'whitelist|blacklist' doc/development/secure_coding_guidelines.md

doc/development/secure_coding_guidelines.md:For situtions in which a whitelist or GitLab:HTTP cannot be used, it will be necessary to implement mitigations directly in the feature. It is best to validate the destination IP addresses themselves, not just domain names, as DNS can be controlled by the attacker. Below are a list of mitigations that should be implemented.
doc/development/secure_coding_guidelines.md:  - Validate the input using a [whitelist approach](https://youtu.be/2VFavqfDS6w?t=7816) to only allow characters through which you are expecting to receive for the field.
doc/development/secure_coding_guidelines.md:Note that blacklists should be avoided, as it is near impossible to block all [variations of XSS](https://owasp.org/www-community/xss-filter-evasion-cheatsheet).