fix(front-end): add more security fixes for formatted lists and notifier

- introduce html escape function
- escape message content in notifier plugin
- escape user name in ConversationListItem
- escape user name in the Event EditView contacts section
- display user summary as plain text in ActorCard

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

src/utils/html.ts

@@ -5,3 +5,13 @@ export const getValueFromMeta = (name: string): string | null => {
   }
   return null;
 };
+
+export function escapeHtml(html: string) {
+  const p = document.createElement("p");
+  p.appendChild(document.createTextNode(html.trim()));
+
+  const escapedContent = p.innerHTML;
+  p.remove();
+
+  return escapedContent;
+}