[bugfix] Fix html-escaped characters in content warnings (#426)

* test status create with odd CWs

* use SanitizeCaption for content warning escaping

internal/processing/status/create.go

@@ -51,7 +51,7 @@ func (p *processor) Create(ctx context.Context, account *gtsmodel.Account, appli
 		Local:                    true,
 		AccountID:                account.ID,
 		AccountURI:               account.URI,
-		ContentWarning:           text.RemoveHTML(form.SpoilerText),
+		ContentWarning:           text.SanitizeCaption(form.SpoilerText),
 		ActivityStreamsType:      ap.ObjectNote,
 		Sensitive:                form.Sensitive,
 		Language:                 form.Language,