d8c911ccb4
This is in keeping with other Editors such as Atto and resolves an issue where DOM Purification incorrectly identifies HTML-like string content as an HTML tag with a JS variable. Moodle already performs XSS sanitisation using HTML Purifier in PHP.