Support non-ascii passwords: when forwarding requests, Content-Length should be byte length, not number of unicode chars.  issue #1631

Fix the tab order on the signup page.

This moves the assignment of params.email from the primary-controlled
URL hash (#CREATE_EMAIL= and #ADD_EMAIL=) into the verification block,
and adds bid.verifyEmail() to check them. Closes bug 758449.

support final property names in .request() API - issue #1643

Make the in dialog set-password flow work with requiredEmail.

* In set_password.ejs, only show the "cancel" button if not setting the initial password for a required email.
* Update required_email.js to handle the set-password in dialog flow.
* Clean up required_email.js so that it is easier to follow.
* Rename the "add_email_submit_with_secondary" message to "stage_email" - much clearer.
* Show a message whenever resetting the account password.

issue #1638
issue #1580

improve parameter-escaping

Fix the user being asked 4 times for a password when adding a secondary email to a primary account and verifying email ownership in a new browser.

show a tooltip when the user types a bad password in the add_email_address and verify_email_address screens.

Make the "is this your computer" screen keyboard navigable.

Add additional tests to check whether requiredEmail, tosURL and privacyURL parameters are passed to "start" when expected.

Add additional tests to check whether requiredEmail, tosURL and privacyURL parameters are passed to "start" when expected.

Nice work on this @jedp.  The update is clean, the code looks good, the tests pass, IE8 is happy.

r+

close #1613
KPI data privacy: whitelist filter data; blur timestamp

Move the requiredEmail checks from resources/state.js to controllers/dialog.js. 

Fix the user being asked 4 times for a password when adding a secondary email to a primary account and verifying email ownership in a new browser.

* When "email_staged" is triggered, trigger it with the password.
* Rename helpers.addSecondaryEmailWithPassword to helpers.addSecondaryEmail
* Add unit tests for helpers.addSecondaryEmail
* Yak shave the unit tests to clean them up so that they are easier to follow.

issue #1555

issue #1635

* Add the startExternalDependencies option when initializing the dialog controller, if set to false, no external dependencies are loaded.  Used for testing.
* Add a new test to check for script containing emails.
* Add unit tests for tosURL and privacyURL.
* Add a testHelpers.testErrorNotVisible
* Removed the actions.js->doError and its tests, it is no longer used.

Since validation is done earlier, invalid addresses are reported as with
renderError() instead of startAction("doError"). So the tests which
watch for doError are now failing (the frontend tests named
"resources/state: start with invalid requiredEmail - print error screen"
and "resources/state: start with empty requiredEmail - prints error
screen". I don't know how to make them watch for renderError() instead.

One upside of this patch is that @stomlinson told me the three-argument
to startAction("doError"..) in state.js was a bug, as it only accepts
two real arguments. Removing it is even easier than fixing it.

db.ping() must use the same application level query timing and reconnect...

db.ping() must use the same application level query timing and reconnection logic as other query types - issue #1608

Issue 1597 interaction data

Instead of showing an error message, show a tooltip when the user types a bad password in the add_email_address and verify_email_address screens.

issue #1557

* For the buttons, use id's instead of classes.
* Focus the "yes" button when the screen is shown.

issue #1582