const escapeDiv = document.createElement("div");
/**
 * @param {string} text Potentially dangerous text
 * @returns {string} Text safe to embed in HTML
 **/
function escapeHtml(text) {
  escapeDiv.textContent = text;
  return escapeDiv.innerHTML;
}