Input that are cleaned via the noJS filter are safe to be displayed
This avoid double encoding to HTML.
noJS has a finite list of HTML tags allowed and everything else will be
escape. If we do not say the content is safe, the output of the noJS will
itself be escaped as well by jinja2.
Thus the sign '<' will be escaped as '<' by noJS and then by jinja2
making it appear as '<' instead of making is appear like '<'.
Fixes https://pagure.io/pagure/issue/336