Sanitizer constructor needs to set configuration with safe

[evilpie]

Regression from #254. The normal Sanitizer constructor does not set the safe parameter.

2. Let valid be the return value of setting configuration on this.

https://wicg.github.io/sanitizer-api/#sanitizer-constructor

To set a configuration, given a dictionary configuration, a boolean safe, and a Sanitizer sanitizer:

https://wicg.github.io/sanitizer-api/#sanitizer-set-a-configuration

It's actually not immediately obvious to me if we should default to false or true. I think whatever we choose we would end up in a situation where we either break setHTML(html) == setHTML(html, {sanitizer: new Sanitizer()}) or setHTMLUnsafe(html) == setHTMLUnsafe(html, {sanitizer: new Sanitizer()}), because at the construction time we don't know which variant safe/unsafe is going to be called.
We might have discussed this already, though.

[annevk]

I think it should depend on whether or not "default" ends up being passed (including when it's the default value). In that case it should be safe. Otherwise it should be unsafe.

setHTMLUnsafe(html) == setHTMLUnsafe(html, {sanitizer: new Sanitizer()})

This is already not the same as Sanitizer uses "default". You'd have to pass { } as constructor argument instead. Coupled with my rule above that would make this work.