rails-html-sanitizer

explore: using rgrove/sanitize as the underlying sanitizer

Open flavorjones opened this issue 1 year ago • 0 comments

(Rails Conf 2024 hack day project)

I emailed @rgrove back in early 2023 and said:

Frankly, my long-term idea is to update rails-html-sanitizer to use sanitize instead of Loofah. Sanitize feels like a much better fit for the problem space and the API, would allow me to potentially deprecate loofah's sanitizers over time, and would consolidate the community around one flexible sanitization solution. Loofah remains a half-baked solution to this problem despite the time I've put in over the years. So, you know, throw up the stop sign if you're at all worried about having another gem be a default Rails dependency.

May 08 '24 14:05 flavorjones