Currently individual Macros have to call CGI.escapeHTML on user-supplied input. I am wondering whether it makes sense to instead sanitize the parameters that are passed to each individual Macro here. This would mean there's no risk of forgetting to sanitize parameters, but as a downside, this would mean that passing HTML to a Macro would become completely impossible (if any users want to define a Macro that allows that).
Such an approach would constitute a breaking change and conflict with suggestions in #441 to utilize the possibility of user-supplied HTML content in, for example, the Flash macro.
The example there was to be able to add an octicon through something like <<Flash("<div data-gollum-icon='bell'></div>Important warning here", "warn")>>. For this specific case we can change the Flash macro itself to take an optional argument such that a data-attribute data-gollum-icon will be added to the flash div itself, but the more general question is whether there are other use cases in which HTML content in macros is desirable.
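One way to implement the centralised escaping discussed in this thread, as an added Ruby example that is not gollum's own code: every macro argument is HTML-escaped before dispatch, a macro must opt a parameter out explicitly if it really needs raw input, and the Flash macro takes an icon name rather than raw HTML, as the comment above suggests. The names `SafeMacroRegistry`, `REGISTRY` and `render_flash` are hypothetical.

```ruby
require 'cgi'

# Hypothetical registry (not gollum's code): arguments are escaped centrally,
# so a macro author cannot forget to call CGI.escapeHTML. A macro that truly
# needs raw input opts in per parameter index, which keeps the exception
# visible and reviewable instead of being an implicit default.
class SafeMacroRegistry
  def initialize
    @macros = {}
  end

  # raw_params: positional indexes the macro receives unescaped (none by default).
  def register(name, raw_params: [], &body)
    @macros[name] = { body: body, raw: raw_params }
  end

  def render(name, *args)
    macro = @macros.fetch(name) { raise ArgumentError, "unknown macro #{name}" }
    escaped = args.each_with_index.map do |arg, i|
      next nil if arg.nil?                      # keep optional args optional
      macro[:raw].include?(i) ? arg.to_s : CGI.escapeHTML(arg.to_s)
    end
    macro[:body].call(*escaped)
  end
end

REGISTRY = SafeMacroRegistry.new

# Flash macro with an optional icon *name* instead of raw HTML. The name is
# escaped like every other parameter, so it can only ever be an attribute
# value; it cannot close the attribute or the tag.
REGISTRY.register('Flash') do |text, kind = 'info', icon = nil|
  attr = icon ? %( data-gollum-icon="#{icon}") : ''
  %(<div class="flash flash-#{kind}"#{attr}>#{text}</div>)
end

def render_flash(text, kind = 'info', icon = nil)
  REGISTRY.render('Flash', text, kind, icon)
end
```

Running `render_flash('Important warning here', 'warn', 'bell')` yields the flash div with `data-gollum-icon="bell"`, while any markup in the text or icon arguments is rendered as escaped entities.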