Issue #3380624 by danflanagan8, lauriii, ioannis.cherouvim: Toolbar username...

Issue #3380624 by danflanagan8, lauriii, ioannis.cherouvim: Toolbar username lazy builder only XSS filters but doesn't escape user display name - stored remote request

(cherry picked from commit 60f2a21d)