Fixes a XSS vulnerability in the noVNC status display which could allow
remote VNC servers to inject arbitrary HTML into the noVNC display page.