Use jQuery to strip HTML from response

app/assets/javascripts/geo_nodes.js

@@ -43,7 +43,8 @@ class GeoNodeStatus {
       if (status.health === 'Healthy') {
         this.$health.html('');
       } else {
-        this.$health.html(`<code class="geo-health">${status.health}</code>`);
+        const strippedData = $('<div>').html(`${status.health}`).text();
+        this.$health.html(`<code class="geo-health">${strippedData}</code>`);
       }
 
       this.$status.show();

app/services/geo/node_status_service.rb

 module Geo
   class NodeStatusService
-    include ActionView::Helpers::SanitizeHelper
     include Gitlab::CurrentSettings
     include HTTParty
 
@@ -29,11 +28,11 @@ module Geo
               if payload.is_a?(Hash)
                 payload['message']
               else
+                # The return value can be a giant blob of HTML; ignore it
                 ''
               end
 
-            summary = [message, details].compact.join("\n")
-            [sanitize(summary)]
+            Array([message, details].compact.join("\n"))
           end
         rescue HTTParty::Error, Timeout::Error, SocketError, Errno::ECONNRESET, Errno::ECONNREFUSED => e
           [e.message]
@@ -44,10 +43,6 @@ module Geo
 
     private
 
-    def sanitize(message)
-      ActionView::Base.full_sanitizer.sanitize(message)
-    end
-
     def headers
       Gitlab::Geo::BaseRequest.new.headers
     end

spec/services/geo/node_status_service_spec.rb

@@ -11,11 +11,11 @@ describe Geo::NodeStatusService, services: true do
   end
 
   describe '#call' do
-    it 'strips tags from a 401 response' do
+    it 'parses a 401 response' do
       request = double(success?: false,
                        code: 401,
                        message: 'Unauthorized',
-                       parsed_response: { 'message' => '<html><h1>Test</h1></html>' } )
+                       parsed_response: { 'message' => 'Test' } )
       allow(described_class).to receive(:get).and_return(request)
 
       status = subject.call(secondary)