fixed sanitize handlebars helper to accept not only strings

src/main/javascript/helpers/handlebars.js

@@ -1,12 +1,26 @@
 'use strict';
 /*jslint eqeq: true*/
 
-var sanitize = function(html) {
-    html = html || '';
-    // Strip the script tags from the html, and return it as a Handlebars.SafeString
+var _sanitize = function(html) {
+    // Strip the script tags from the html and inline evenhandlers
     html = html.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
     html = html.replace(/(on\w+="[^"]*")*(on\w+='[^']*')*(on\w+=\w*\(\w*\))*/gi, '');
-    return new Handlebars.SafeString(html);
+
+    return html;
+};
+
+var sanitize =function (html) {
+    var _html;
+    if( _.isUndefined(html) || _.isNull(html) || _.isNumber(html))  {
+        return new Handlebars.SafeString(html);
+    }
+
+    if (_.isObject(html)){
+        _html = JSON.stringify(html);
+        return new Handlebars.SafeString(JSON.parse(_sanitize(_html)));
+    }
+
+    return new Handlebars.SafeString(_sanitize(html));
 };
 
 Handlebars.registerHelper('sanitize', sanitize);