introducing a sanitize HTML function for the internal and the public API. This

allows to easily convert strings to HTML before displaying them on the web page
to reduce the risk of xss vulnerabilities.