Fix XSS by parsing player counts as raw data and validating favicon URIs (#116)

* Fix XSS by parsing player counts as raw data (instead of parsing it)

* Ensure the returned favicon is a data URI

* Force server favicon size to 64px

* Increase specificity of data URI validation

The previous commit would happily accept any domain (or subdomain) that started with "data"
Hugo Manrique
2019-09-05 23:15:44 +02:00
committed by Crypt
parent 6da613bbb8
commit 0392fce6c3
3 changed files with 15 additions and 6 deletions
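The favicon check the commit message describes, as an added example that is not code from this commit or project. The function names, the length cap, the fallback path and the sample inputs are constructed, and it assumes favicons are expected as base64-encoded PNG data URIs; the loose check stands in for one that accepts anything starting with "data".

```javascript
// Added example: names, limits and samples are constructed, not from the commit.

// Loose check (assumed shape): anything that merely starts with "data" passes,
// so a host name such as data.example.invalid is accepted as a favicon source.
function isFaviconPrefixOnly(value) {
  return typeof value === 'string' && value.startsWith('data');
}

// Strict check (assumption: favicons are base64-encoded PNG data URIs).
// Anchored at both ends so nothing can follow the base64 payload.
const FAVICON_RE = /^data:image\/png;base64,[A-Za-z0-9+/]+={0,2}$/;
const MAX_FAVICON_LENGTH = 16 * 1024; // assumed cap for a 64x64 PNG

function isFaviconDataUri(value) {
  return typeof value === 'string' &&
    value.length <= MAX_FAVICON_LENGTH &&
    FAVICON_RE.test(value);
}

// Build <img> attributes from validated data only; the caller assigns them
// through DOM properties rather than concatenating them into markup.
// The fallback path is a hypothetical placeholder.
function faviconAttributes(value, fallback = 'images/missing_favicon.png') {
  return {
    src: isFaviconDataUri(value) ? value : fallback,
    width: 64,  // fixed size, as in "Force server favicon size to 64px"
    height: 64,
  };
}

// Constructed sample inputs, as a remote server might return them.
const samples = [
  'data:image/png;base64,iVBORw0KGgo=',      // well-formed PNG data URI
  'data.example.invalid/icon.png',           // host name starting with "data"
  'data:text/html;base64,PGI+',              // data URI, wrong media type
  'data:image/png;base64,AAAA" onerror="x',  // attribute break-out attempt
];

// Returns [loose, strict] verdicts for each sample.
function compareChecks() {
  return samples.map((s) => [isFaviconPrefixOnly(s), isFaviconDataUri(s)]);
}

console.log(compareChecks());
```
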

.eslintignore Normal file

@ -0,0 +1 @@
*
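
Review bot: the single `*` pattern in the new .eslintignore excludes every file from ESLint, and this is not among the changes the commit message lists. If the intent is to skip only generated or vendored files, list those paths explicitly; otherwise move this file to its own commit or explain it in the message, so that linting of the code touched by the XSS fix is not silently disabled.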