Allow display of html tags from API

[Skylsmoi]

now: react does not interpret html tags from API, it's a basic react security rule

expected: use the dangerouslySetInnerHtml property to allow html

Note : the main security issue is that it allows to save <script> tags in database that will be loaded by clients when they display the message. But Tracim backend already strip those script tags before saving the message in database (tested on tracim v1)

[lebouquetin]

I was about to ask about the drop of <script>. Nice. Probably an automatic security test to implement in our automatic test suite (on both frontend/backend).