Escape any un-escaped entities in purple_markup_html_to_xhtml when parsing out URLs, this prevents xmlnode errors and allows suppressing duplicate url <url> because the check whether the description matches the url is now comparing apples to apples. I have no idea if this breaks a bunch of other things that assumed these entities do not get escaped. I'm sure we'll find out sooner or later.