This is in partial fulfillment of #3228.

Removing the `#html_safe` calls from this line avoids marking arbitrary strings
as safe when they are very likely not.

Providers of flash messages need to be refactored to manage the safety of the
buffers they provide.

Using `sanitize` cleans up flash messages with
`Rails::Html::WhiteListSanitizer`.

This view partial had originally marked all of the strings it received as
`#html_safe`, effectively trusting all content. Using sanitize essentially does
the opposite: distrusting all flash message content. Any tags or attributes not
in the
whitelist (https://github.com/flavorjones/loofah/blob/master/lib/loofah/html5/whitelist.rb)
will be removed, regardless of the source.

This seems like the best solution, since flash messages are serialized as
strings, so the providers cannot give us carefully constructed `#html_safe`
strings. In general, flash messages shouldn't require markup more complex than
basic formatting and links.

Fixes #3228
Connected to #3187