[runmode addon] Use textContent instead of innerHTML to clear elements

In general, assigning a plain string to the innerHTML property of an
element can cause XSS vulnerabilities, and is thus considered a
violation by the Trusted Types web platform security mechanism. This
commit addresses two such violations in CodeMirror by replacing them
with semantically equivalent assignments to the textContent property.
This is currently a blocker for CodeMirror users that want to enforce
Trusted Types in their web application.
Bjarki Ágúst Guðmundsson 2022-07-09 12:54:38 +02:00 committed by GitHub
parent a6fdd560c7
commit 4ccf2bddfe
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 2 additions and 2 deletions


@ -31,7 +31,7 @@
var text = [];
textContent(node, text);
node.innerHTML = "";
node.textContent = "";
CodeMirror.runMode(text.join(""), mode, node);
node.className += " cm-s-default";
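Review bot: `node.textContent = "";` is not equivalent to the old `innerHTML` clear on Internet Explorer 8 and earlier, where elements have no `textContent` property and the assignment leaves the existing children in place. The same line is added in the `CodeMirror.runMode` section, directly below an `ie_lt9` check, which suggests those browsers are still meant to work. A clear that satisfies Trusted Types and works in every browser is `while (node.firstChild) node.removeChild(node.firstChild);`. If old IE is no longer supported, a short comment such as `// textContent, not innerHTML: keeps this Trusted Types-compliant` would stop the line from being reverted later. The enclosing function starts and ends outside this hunk.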


@ -20,7 +20,7 @@ CodeMirror.runMode = function(string, modespec, callback, options) {
var ie = /MSIE \d/.test(navigator.userAgent);
var ie_lt9 = ie && (document.documentMode == null || document.documentMode < 9);
var node = callback, col = 0;
node.innerHTML = "";
node.textContent = "";
callback = function(text, style) {
if (text == "\n") {
// Emitting LF or CRLF on IE8 or earlier results in an incorrect display.