Changed the HTML response for the Ajax callback mechanism to offer a more robust handling towards possible XSS injection.

Please see modified callback pattern at:
http://oxpedia.org/wiki/index.php?title=HTTP_API#File_uploads