- Sep 29, 2014
-
-
Peter Rotich authored
This addresses cases where incoming emails don't include a charset and the mailbox may include non-ASCII characters.
-
- Jul 30, 2014
-
-
Jared Hancock authored
Add other locations as well as a failsafe for the htmlentities() call
-
- Jul 17, 2014
-
-
Peter Rotich authored
Names parsed from incoming emails are stored in the database as is. This pull request addresses a potential XSS vulnerability due to improper display of unsanitized names. Going forward, names will be scrubbed on create.
-
- Jun 10, 2014
-
-
Peter Rotich authored
-
- May 21, 2014
-
-
Jared Hancock authored
htmLawed stripped/discarded <div> tags nested inside inline tags such as <a>. The previous replacement engine would replace <img> tags with <div> tags and would cause the HTML to be corrupted by htmLawed. This patch uses <span> tags which have CSS rules to be displayed as inline-blocks. This should stay truer to the normal sizing and placement of the original <img> tag.
-
- May 13, 2014
-
-
Jared Hancock authored
Also use single quotes instead of double quotes in style attributes which do not require escaping to `&quot;`
-
- May 07, 2014
-
-
Jared Hancock authored
-
- Apr 18, 2014
-
-
Jared Hancock authored
-
- Apr 16, 2014
-
-
Jared Hancock authored
For instance, currently this style will be converted as `<span style="font-family:'courier new';">` to `<span style="font-family:"">`. Also discard Microsoft Office specific style attributes such as `mso-list` and friends
-
- Apr 15, 2014
-
-
Jared Hancock authored
-
- Apr 09, 2014
-
-
Jared Hancock authored
-
- Mar 13, 2014
-
-
Jared Hancock authored
If there is content between two <style> elements, the content was previously stripped by the Format::safe_html function. This patch adjusts the regex to strip tags such as <head>, <script> and <style> so that if content is found between two of them, it will be preserved.
-
- Feb 28, 2014
-
-
Jared Hancock authored
-
- Feb 20, 2014
-
-
Jared Hancock authored
This approach will help detect responses to the ticket thread from mail clients which do not include the References and In-Reply-To MIME headers. This also allows the Subject line to continue to omit the ticket number.
-
- Feb 10, 2014
-
-
Peter Rotich authored
Unfortunately, this is necessary because some mail clients send in content without defining the charset or at worst using freaking wrong/invalid charsets like 'default'!
-
- Feb 05, 2014
-
-
Peter Rotich authored
This is needed to help us remove invalid characters set by some mail clients.
-
Jared Hancock authored
-
- Jan 30, 2014
-
-
Jared Hancock authored
-
Jared Hancock authored
-
Jared Hancock authored
-
Jared Hancock authored
These functions don't appear to be used and could corrupt UTF-8 encoded text
-
- Jan 29, 2014
-
-
Jared Hancock authored
-
Jared Hancock authored
-
- Nov 21, 2013
-
-
Jared Hancock authored
-
- Nov 20, 2013
-
-
Jared Hancock authored
Previously, html-like content would have to be run through Format::htmlchars before being passed to Format::sanitize, because things that looked like invalid html content would be removed.
-
- Nov 19, 2013
-
-
Jared Hancock authored
-
- Nov 15, 2013
-
-
Jared Hancock authored
-
- Nov 14, 2013
-
-
Jared Hancock authored
-
Jared Hancock authored
This includes URLs in embedded links as well as URLs for external images and videos embedded via iframe elements.
-
- Nov 01, 2013
-
-
Jared Hancock authored
Also ensure that the ticket thread is displayed in a <div> container as some browsers seem to frown upon <iframe>s in <td> elements. Fixes #75
-
- Oct 31, 2013
-
-
Jared Hancock authored
-
Jared Hancock authored
-
- Oct 29, 2013
-
-
Jared Hancock authored
Also remove CSS properties from the style attribute that are browser specific (like -webkit-* and such)
-
- Oct 25, 2013
-
-
Jared Hancock authored
This provides better compatibility with mPDF, which doesn't support the CSS white-space:pre-wrap property
-
Jared Hancock authored
-
- Oct 23, 2013
-
-
Peter Rotich authored
-
Peter Rotich authored
-
Peter Rotich authored
Fix preg_replace bugs
-
- Oct 22, 2013
-
-
Jared Hancock authored
Allow for type and encoding specification of the message body and better describe the integration with custom form fields.
-
- Oct 21, 2013
-
-
Jared Hancock authored
Upgrade to htmLawed 1.1.16. Remove @id attributes as they could confuse existing id attributes used for styling and javascript. Remove @class attributes except for standard ones used by Microsoft® office which have entries in our thread stylesheet.
-