Be more careful with escaping content in datagrids.
Review Request #9626 — Created Feb. 12, 2018 and submitted
Datagrids were assuming some content was HTML-safe. This wasn't
user-provided input, but rather labels passed to columns. While not
normally a problem, it could be problematic accidentally, depending on
label content and translations.
This changes most of the code to use
mark_safein several places, helping to protect against mistakes.
It also adds unit tests for
CheckboxColumn, which had the bulk of the
Unit tests pass.