Comment 5 for bug 798759

r13605 has an XSS hole (in "'<a class="sprite yes save" href="#">Select ' + data.title + '</a>'"). It also hides the experimental UI behind a feature flag which is already turned on by default on production, which seems less than ideal.

r13606 reverts it.