Since "whitelist" is both an historic bad labelling of people with racist connotations, and ambiguous and imprecise from a technical standpoint, the sanitize_input_whitelist site setting has been renamed to sanitize_input_safe_keys. Check your settings.php, settings.local.php, etc to make sure if you are defining this setting that you update it to the new name.
Similarly, the Drupal\Core\Security\RequestSanitizer::SANITIZE_WHITELIST constant (see core/lib/Drupal/Core/Security/RequestSanitizer.php) has been replaced with RequestSanitizer::SANITIZE_INPUT_SAFE_KEYS.
From 9.1.0 through the end of Drupal 9, using the legacy names will continue to work, but will trigger a deprecation warning. Starting in Drupal 10.0.0, support for the old names will be completely removed.
