DOM text reinterpreted as HTML Update controllers.js

Shivam Tiwari requested to merge Shivam7/vlc:Shivam7-master-patch-88784 into master

Extracting text from a DOM node and interpreting it as HTML can lead to a cross-site scripting vulnerability. The fix for this issue is to use a utility function that escapes HTML special characters. I have created a function escapeHtml that replaces special characters with their corresponding HTML entities. This function can then be used to escape the text content before appending it to the DOM.
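
An added example, not the code from this merge request: one possible escapeHtml, shown next to the unescaped pattern the description warns about. The entity table, the renderItemUnsafe/renderItemSafe helpers and the sample title are assumptions made for illustration.

```javascript
// Added example: the merge request's own escapeHtml body is not on the page.
const HTML_ENTITIES = {
  "&": "&amp;",
  "<": "&lt;",
  ">": "&gt;",
  '"': "&quot;",
  "'": "&#39;",
};

// Replace every HTML special character in a single pass, so the "&" of an
// entity produced here is never escaped a second time.
function escapeHtml(value) {
  const text = value == null ? "" : String(value);
  return text.replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Hypothetical "before": text read from a DOM node is concatenated into markup.
// Reading textContent (or jQuery .text()) decodes entities, so markup that was
// safely escaped in the page source comes back as raw "<" and ">" characters.
function renderItemUnsafe(text) {
  return '<li title="' + text + '">' + text + "</li>";
}

// Hypothetical "after": the same markup with the text escaped first. Escaping
// the quote characters matters because the value also lands in an attribute.
function renderItemSafe(text) {
  const safe = escapeHtml(text);
  return '<li title="' + safe + '">' + safe + "</li>";
}

// Constructed sample: a title as textContent would return it, entities decoded.
const SAMPLE_TITLE = '"><img src=x onerror=alert(1)>.mp3';

console.log(renderItemUnsafe(SAMPLE_TITLE)); // contains a live <img> element
console.log(renderItemSafe(SAMPLE_TITLE));   // title is inert text
```

Where the text is only ever displayed, assigning it through textContent or createTextNode avoids HTML parsing altogether and needs no escaping step.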
