fix: always consider report content as text

Report content was used as HTML in front-end and e-mails but wasn't sanitized as such.

Signed-off-by: Thomas Citharel <tcit@tcit.fr>

lib/federation/activity_stream/converter/flag.ex

@@ -60,6 +60,7 @@ defmodule Mobilizon.Federation.ActivityStream.Converter.Flag do
       "actor" => Relay.get_actor().url,
       "id" => report.url,
       "content" => report.content,
+      "mediaType" => "text/plain",
       "object" => object
     }
   end

lib/web/templates/email/report.html.heex

@@ -192,7 +192,7 @@
           >
             <p style="margin: 0">
               <h3><%= gettext("Reasons for report") %></h3>
-              <%= @report.content |> raw %>
+              <%= @report.content %>
             </p>
             <table
               cellspacing="0"