Fix colour injection vulnerability.

The new validators already solve this problem, but as a second layer of defence, the generators should also be secured.  Issue #2637

generators/python/colour.js

@@ -31,7 +31,7 @@ goog.require('Blockly.Python');
 
 Blockly.Python['colour_picker'] = function(block) {
   // Colour picker.
-  var code = '\'' + block.getFieldValue('COLOUR') + '\'';
+  var code = Blockly.Python.quote_(block.getFieldValue('COLOUR'));
   return [code, Blockly.Python.ORDER_ATOMIC];
 };