i don't know the tech you are using but you can prevent that by running the code in a sandboxed worker, at least it won't crash, like https://github.com/asvd/jailed (i don't know how secure is that though)
Thanks. We are using compilebox[1] for languages which is sandboxed in Docker. But html is still rendered in everyone's browser. I am looking into solutions for preventing this.
[1]: https://github.com/remoteinterview/compilebox