Selection: Deprecate Selection::html

[jmsmyth]

If used incorrectly, it can increase the chance of adding xss vulnerabilities. So probably best to remove it from the api

[rowan-simms]

You should also investigate places where html strings are passed as parameters eg deprecate the Dropdown constructor that uses it.

[rowan-simms]

Modules that currently seem to use Selection::html -

• Dropdown
• Paginator (can trivially be replaced with fluid icons)
• Sidebar (ditto)
• Tree

Several tests also use the html getter. Maybe we can get away with just deprecating the setter ?

[rowan-simms]

Do we also want to deprecate hx.parseHTML for the same reason ?

[jmsmyth]

Yes, I think so