Allow admins to use basic formatting in welcome message and sanitize output

[lmarini]

(Fixes #51)

To test you can use this example:

Welcome to <b>Clowder</b>, a <i>scalable</i> data repository where you can share, organize and analyze data.

<h1>A cluster of cats</h1>

<script>alert(‘XSS’)</script>

<image src="https://clowderframework.org/img/cat.png">

<script type=”text/javascript”>
var test=’../example.php?cookie_data=’+escape(document.cookie);
</script>

<b onmouseover=alert(‘XSS testing!‘)></b>

<script>destroyWebsite();</script>

<img src="https://clowderframework.org/img/cat.png" style="width: 100px">

<a href="https://clowderframework.org/">cats</a>

<table style="width:100%">
  <tr>
    <th>Firstname</th>
    <th>Lastname</th>
    <th>Age</th>
  </tr>
  <tr>
    <td>Jill</td>
    <td>Smith</td>
    <td>50</td>
  </tr>
  <tr>
    <td>Eve</td>
    <td>Jackson</td>
    <td>94</td>
  </tr>
</table>

Review Time Estimate

• Immediately
• Within one week
• When possible

Types of changes

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

• My change requires a change to the documentation.
• I have updated the CHANGELOG.md.
• I have signed the CLA
• I have updated the documentation accordingly.
• I have read the CONTRIBUTING document.
• I have added tests to cover my changes.
• All new and existing tests passed.

[tcnichol]

As far as I can tell this one looks good. Marking approved.

[lmarini]

As far as I can tell this one looks good. Marking approved.

For some reason it doesn't show up as approved in the top right.

[tcnichol]

marking approved

[max-zilla]

Ran it and edited welcome with HTML, looks good.