htmlutils: improve js string escaping
- Moves/renames jsonutils.wash_for_js() function to htmlutils.escape_javascript_string() as this function would mostly be used to escape javascript in HTML context. Updates bfe_bookmark accordingly.
- No longer adds double-quotes around the returned string in order to be more flexible regarding the context in which the string is inserted.
- More complete escaping of Javascript chars when 'json' is not installed.
- Adds parameters to control the level of escaping, to be adjusted according to the context (HTML vs JS output, XHTML vs HTML, content-type, use of CDATA delimiters).
- Adds docstrings and unit tests.
- Merge note: fixed indentation in htmlutils.py.
- Merge note: cherry-picked from 86f6acbca4fe48a4af19940a6e6ab4344f5d0682.
Tested-by: Tibor Simko <tibor.simko@cern.ch>