explore: using rgrove/sanitize as the underlying sanitizer

[flavorjones]

(Rails Conf 2024 hack day project)

I emailed @rgrove back in early 2023 and said:

Frankly, my long-term idea is to update rails-html-sanitizer to use sanitize instead of
Loofah. Sanitize feels like a much better fit for the problem space and the API, would allow me
to potentially deprecate loofah's sanitizers over time, and would consolidate the community around
one flexible sanitization solution. Loofah remains a half-baked solution to this problem despite
the time I've put in over the years. So, you know, throw up the stop sign if you're at all worried
about having another gem be a default Rails dependency.