refactor script.js to pass firefox review

[warengonzaga]

Details

The version 0.1.3 didn't pass the review from Firefox add-ons due to the following reasons below.

This add-on is creating DOM nodes from HTML strings containing potentially unsanitized data, by assigning to innerHTML, jQuery.html, or through similar means. Aside from being inefficient, this is a major security risk. For more information, see https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Safely_inserting_external_content_into_a_page . Here are some examples that were discovered:

• script.js lines 8, 27-29, 40-43

Task

We need help updating or refactoring the script.js to align with their requested changes.

[warengonzaga]

Merged #31 into #25 all thanks to @JBenedicto13 for taking the time to fix and refactoring the code base and improving the project. Salute! 🫡

[warengonzaga]

@JBenedicto13 unfortunately, we didn't pass the review again. Kindly see the details from Firefox team.

Details:
This add-on didn't pass review because of the following problems:

1. This add-on is creating DOM nodes from HTML strings containing potentially unsanitized data, by assigning to innerHTML, jQuery.html, or through similar means. Aside from being inefficient, this is a major security risk. For more information, see https://developer.mozilla.org/en-US/Add-ons/WebExtensions/Safely_inserting_external_content_into_a_page . Here are some examples that were discovered:

• script.js line 8

---

Please address the issues raised in the reviewer's notes and inquire about any unclear items. Afterwards, please upload a new version of your add-on at https://addons.mozilla.org/en-US/developers/addon/matuto/versions.

Thank you for your attention.

[JBenedicto13]

I have come to a solution of using DOMPurify to purify the string on line 8 please take a look at my pull request. Thanks.

[warengonzaga]

Alright checking and testing @JBenedicto13

[warengonzaga]

Closing, as the fix is available in the #34
Let's try again to support Firefox.