hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Without this, repository paths or names containing e.g. & characters or html
tags yielded strange results, possibly allowing cross-site scripting attacks.
{header}
<id>{urlbase}{url|urlescape}</id>
<link rel="self" href="{urlbase}{url|urlescape}atom-tags"/>
<link rel="alternate" href="{urlbase}{url|urlescape}tags"/>
<title>{repo|escape}: branches</title>
<summary>{repo|escape} branch history</summary>
<author><name>Mercurial SCM</name></author>
{latestentry%feedupdated}
{entries%branchentry}
</feed>