Content_tag does not escape its input

Hello,

I've read the article of Yehuda Katz about the SafeBuffers in Rails 3
(http://yehudakatz.com/2010/02/01/safebuffers-and-rails-3-0/), and it
makes me discover that content_tag does not escape its input. I think
it's a security flaw that should be fixed before the release of Rails 3.0.0.

I've opened a ticket on lighthouse with a patch:
https://rails.lighthouseapp.com/projects/8994/tickets/3883-content_tag-does-not-escape-its-input.

I'll be glad if someone can review my patch.

Thanks,
Bruno Michel