hgweb: urlescape all urls, HTML escape repo/tag/branch/... names
Without this, repository paths or names containing e.g. & characters or html
tags yielded strange results, possibly allowing cross-site scripting attacks.
<script type="text/javascript">process_dates()</script>
<div class="page_footer">
<div class="page_footer_text">{repo|escape}</div>
<div class="rss_logo">
<a href="{url|urlescape}rss-log">RSS</a>
<a href="{url|urlescape}atom-log">Atom</a>
</div>
<br />
{motd}
</div>
</body>
</html>