HTML Escape column filter data.

HTML Escape column filter data when it is read back from the the
configuration cookie to prevent potential XSS.

Unwanted side effect: Strings with single quotes won't work properly.  This
is annoying, but because filters are not anchored, you can always filter for
Brian instead of O'Brian.  (For example.)

Change-Id: I821e1ddc9169ff5e5b0434117d887d170bfa627e
1 file changed