Add property to store XSS-cleaned wildcard value and magic method to retrieve it.

[kevinsmith]

I'm sure that like me, lots of folks are using these values in custom DB queries. Since user-input values should never be used in queries without sanitizing them, it makes sense to provide an XSS-cleaned version of the wildcard value.

And since xss_clean() has some overhead, we're holding off on doing it until the first time the property is requested.

[robsonsobral]

This looks indeed very useful.