PBWebGit: escape diff before inserting it into to the view

We used to escape a diff only after it was formatted. This would cause
some elements to hang the interface (like an iFrame)

Author: pieter

html/commit.js

@@ -34,7 +34,9 @@ var selectCommit = function(a) {
 
 var showDiffs = function() {
 	$("details").hide();
-	$("details").innerHTML = commit.diff;
+
+	$("details").innerHTML = commit.diff.escapeHTML();
+
 	highlightDiffs();
 	$("details").show();
 }

html/diffHighlighter.js

@@ -12,7 +12,7 @@ var highlightDiffs = function() {
 			if (l.length > 100)
 			l = l.substring(0, 100);
 
-			l = l.escapeHTML().gsub("\t", "  ");
+			l = l.gsub("\t", "  ");
 
 			if (l.startsWith("+"))
 				newContent += "<div class='addline'>" + l + "</div>";