Better handling of basic xml entity codes

This release addresses some issues on escaping entity codes (e.g &) in xml document.

The new implementation can cause a slight breaking change:

• Converting from xml to js will decode the 5 entity codes & < > " ' into & < > " '. For example, & WILL be changed to & character (instead of keeping it &). Also, {sanitize: true} option is deprecated.
• Converting from js to xml will cause 3 characters & < > (instead of 5 characters) if found in node text to be transformed into & < >. And will cause 1 character " (instead of 5 characters) if found in node attribute to be transformed into ".

For more discussion, see this issue.