
Sanitize diff_discussion_html

From Completely remove jQuery from GFM (!107218 - merged):

Using insertAdjacentHTML here could lead to a cross-site scripting vulnerability if the user content is passed successfully through noteEntity.diff_discussion_html. While it may be possible that we do sanitization on the backend, we must try to sanitize everything on the frontend as defense in depth.

We should try to sanitize diff_discussion_html while preserving the GitLab Flavoured Markup HTML.
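As an added illustration (not GitLab's own code), the following sanitizer rebuilds the discussion HTML from an allowlist of tags and attributes instead of stripping from the raw string, so anything its tokenizer does not recognise reaches the DOM only as escaped text, while ordinary GFM output (paragraphs, code spans, links with safe hrefs, classes) survives intact. The tag and attribute sets, the `sanitizeGfmHtml` name and the `noteEntity` usage are assumptions; a production fix would normally lean on a DOM-based sanitizer such as DOMPurify rather than a hand-rolled tokenizer.

```javascript
// Added example, not GitLab's code: rebuild diff_discussion_html from an allowlist, then
//   container.insertAdjacentHTML('beforeend', sanitizeGfmHtml(noteEntity.diff_discussion_html));
const ALLOWED_TAGS = new Set(['p', 'a', 'code', 'pre', 'em', 'strong', 'del', 'ul', 'ol',
  'li', 'blockquote', 'br', 'span', 'div', 'table', 'thead', 'tbody', 'tr', 'th', 'td']);
const ALLOWED_ATTRS = new Set(['class', 'href', 'title', 'data-line-type']);
const SAFE_SCHEMES = new Set(['http', 'https', 'mailto']);

const escapeHtml = (s) => s.replace(/&/g, '&amp;').replace(/</g, '&lt;')
  .replace(/>/g, '&gt;').replace(/"/g, '&quot;');

// Decode entities before the URL check so "&#106;avascript:" cannot hide a scheme;
// values are re-escaped on output, so decoding never reintroduces raw markup.
const codePoint = (n) => (n > 0x10ffff ? '' : String.fromCodePoint(n));
const NAMED = { amp: '&', lt: '<', gt: '>', quot: '"', apos: "'" };
const decodeEntities = (s) => s
  .replace(/&#x([0-9a-f]+);/gi, (_, h) => codePoint(parseInt(h, 16)))
  .replace(/&#(\d+);/g, (_, d) => codePoint(Number(d)))
  .replace(/&(amp|lt|gt|quot|apos);/g, (_, n) => NAMED[n]);

function isSafeUrl(url) {
  // Strip the control characters/whitespace browsers ignore, then inspect the scheme.
  const m = url.replace(/[\u0000-\u0020]/g, '').match(/^([a-z][a-z0-9+.-]*):/i);
  return !m || SAFE_SCHEMES.has(m[1].toLowerCase());
}

function serializeAttrs(rawAttrs) {
  const attrRe = /([a-zA-Z-][a-zA-Z0-9-]*)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  let out = '';
  for (const [, name, q1, q2, bare] of rawAttrs.matchAll(attrRe)) {
    const key = name.toLowerCase();
    if (!ALLOWED_ATTRS.has(key)) continue; // on*, style, srcdoc etc. are dropped
    const value = decodeEntities(q1 ?? q2 ?? bare ?? '');
    if (key === 'href' && !isSafeUrl(value)) continue;
    out += ` ${key}="${escapeHtml(value)}"`;
  }
  return out;
}

function sanitizeGfmHtml(html) {
  const tagRe = /<(\/?)([a-zA-Z][a-zA-Z0-9-]*)([^>]*)>/g;
  let out = '';
  let last = 0;
  for (const m of html.matchAll(tagRe)) {
    out += escapeHtml(html.slice(last, m.index)); // text between tags
    last = m.index + m[0].length;
    const tag = m[2].toLowerCase();
    if (!ALLOWED_TAGS.has(tag)) { out += escapeHtml(m[0]); continue; } // <script> becomes text
    out += m[1] ? `</${tag}>` : `<${tag}${serializeAttrs(m[3])}>`;
  }
  return out + escapeHtml(html.slice(last)); // trailing text, stray '<' included
}
```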