Sanitize translations instead of using _html

Using the `_html` suffix in an i18n key is the same as using `html_safe`
on it, which means that translation could potentially be used for XSS
attacks.

app/views/admin/site_customization/pages/_form.html.erb

@@ -32,7 +32,7 @@
 
     <div class="small-12 medium-6 column">
       <%= f.text_field :slug, size: 80, maxlength: 80,
-        hint: t("admin.site_customization.pages.new.slug_help_html") %>
+        hint: sanitize(t("admin.site_customization.pages.new.slug_help")) %>
     </div>
   </div>