What's the best way to escape data from Models or Controllers to easily and safely display them in views. It seems kind of overkill to use html::specialchars($varname) for every data variable. It can also cause problems if a programmer forgets to "escape" data.
I've also encountered problems escaping ORM objects within loops.