Error messages are not escaped

Saw this with a Fastboot error:

![image](https://user-images.githubusercontent.com/200884/86799819-06740a80-c07b-11ea-9d62-8d0f56368d26.png)

I think chromespeak `Array.map(<anonymous>)` is rendered unescaped and treated as containing an HTML tag.

Technically, this is an XSS vulnerability. 😬 