erp5_core: add an html viewer gadget.

This gadget take an HTML string as parameter.

It first cleans it up (with hardcoded behaviour currently) by dropping unknown tag elements, unknown/unsafe tag attributes. It is another protection layer on top of asStrippedHTML inside ERP5.

Then, it displays the output HTML and style it with an hardcoded set of rules.

erp5_core: use the html_viewer when the field is non editable

Stop using ck_editor in read_only to display HTML.

This allows to get rid of the ck_editor iframe, allowing a faster load and removing the iframe scroll. The maximise button is no more needed in such case.

It also removes all ck_editor links handling: links can be open in another browser tab now.

This changes impacts both xhtml style and erp5js.