Automatically escape HTML
Summary:
This creates a class marking a string as safe for usage in HTML.
It automatically escapes everything else in phutil_tag().
It should simplify the code by removing all the phutil_escape_html() calls used in phutil_tag().
It should also prevent XSS because it would be impossible to forget about escaping.
It should also prevent double escaping as phutil_escape_html(phutil_escape_html($s)) is safe.
The downside of this approach is that id(new PhutilHTML($s)).id(new PhutilHTML($s)) is a string that is not marked as HTML.
That's the reason why I've added the array semantics to $content.
I didn't measure the performance impact, but if it isn't horrible then I think it's worth it.
Test Plan: Loaded Phabricator homepage.
Reviewers: epriestley, btrahan
Reviewed By: epriestley
CC: aran, Korvin
Maniphest Tasks: T139
Differential Revision: https://secure.phabricator.com/D4499
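The mechanism the commit message describes, illustrated as an added, self-contained example that is not the commit's own code or libphutil's API: a marker class for already-safe markup, a tag builder that escapes everything not carrying that mark, idempotent escaping, the loss of the mark under string concatenation, and the array semantics for `$content` that work around it. The names SafeHtml, escape_html and html_tag are hypothetical stand-ins for PhutilHTML, phutil_escape_html and phutil_tag; the example assumes a PHP interpreter with htmlspecialchars() supporting ENT_QUOTES.

```php
<?php
// Added illustration of the "marked safe HTML" approach; not libphutil's own code.
// SafeHtml, escape_html and html_tag are hypothetical stand-ins for the real names.

// A value of this class asserts that its contents are already valid, safe HTML.
final class SafeHtml {
  private $html;
  public function __construct($html) { $this->html = (string)$html; }
  public function __toString() { return $this->html; }
}

// Escape plain strings; leave already-safe markup untouched, so applying
// escape_html() twice is harmless (no double escaping).
function escape_html($content) {
  if ($content instanceof SafeHtml) {
    return $content;
  }
  if (is_array($content)) {
    // Array semantics: each element is escaped (or not) on its own, so safe
    // fragments keep their mark while plain strings are escaped.
    $out = '';
    foreach ($content as $item) {
      $out .= (string)escape_html($item);
    }
    return new SafeHtml($out);
  }
  return new SafeHtml(htmlspecialchars((string)$content, ENT_QUOTES, 'UTF-8'));
}

// Build a tag. Attribute values and content are escaped automatically, so a
// caller cannot forget to do it; the result is itself marked safe.
function html_tag($tag, array $attributes = array(), $content = null) {
  $attr_str = '';
  foreach ($attributes as $name => $value) {
    $attr_str .= ' '.htmlspecialchars($name, ENT_QUOTES, 'UTF-8')
      .'="'.htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8').'"';
  }
  if ($content === null) {
    return new SafeHtml("<{$tag}{$attr_str} />");
  }
  return new SafeHtml("<{$tag}{$attr_str}>".escape_html($content)."</{$tag}>");
}

// Constructed sample input standing in for untrusted user data.
$user_input = '<script>alert(1)</script>';

// 1. Untrusted text is escaped, so it renders as text rather than as a script tag.
echo html_tag('div', array(), $user_input), "\n";

// 2. Escaping an already-escaped value changes nothing.
echo escape_html(escape_html('a & b')), "\n";

// 3. The downside noted in the commit: concatenating two SafeHtml objects with
//    "." yields a plain string, which loses the mark and is escaped again,
//    so the link markup shows up as literal text inside the div.
$link = html_tag('a', array('href' => '/profile'), 'profile');
$joined = $link.$link;
echo html_tag('div', array(), $joined), "\n";

// 4. The array semantics avoid that: the SafeHtml fragments stay as markup,
//    the plain strings between them are escaped.
echo html_tag('div', array(), array($link, ' and ', $user_input)), "\n";
```

Running the script shows the four cases in order; the third output is the one to watch for in review, since any code path that joins marked fragments with the string concatenation operator silently falls back to plain text and gets escaped, which is safe but visibly wrong, and the array form is the intended replacement.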