This moves the assignment of params.email from the primary-controlled
URL hash (#CREATE_EMAIL= and #ADD_EMAIL=) into the verification block,
and adds bid.verifyEmail() to check them. Closes bug 758449.

* In set_password.ejs, only show the "cancel" button if not setting the initial password for a required email.
* Update required_email.js to handle the set-password in dialog flow.
* Clean up required_email.js so that it is easier to follow.
* Rename the "add_email_submit_with_secondary" message to "stage_email" - much clearer.
* Show a message whenever resetting the account password.

issue #1638
issue #1580

Add additional tests to check whether requiredEmail, tosURL and privacyURL parameters are passed to "start" when expected.

Fix the user being asked 4 times for a password when adding a secondary email to a primary account and verifying email ownership in a new browser.

* When "email_staged" is triggered, trigger it with the password.
* Rename helpers.addSecondaryEmailWithPassword to helpers.addSecondaryEmail
* Add unit tests for helpers.addSecondaryEmail
* Yak shave the unit tests to clean them up so that they are easier to follow.

issue #1555

issue #1635

* Add the startExternalDependencies option when initializing the dialog controller, if set to false, no external dependencies are loaded.  Used for testing.
* Add a new test to check for script containing emails.
* Add unit tests for tosURL and privacyURL.
* Add a testHelpers.testErrorNotVisible
* Removed the actions.js->doError and its tests, it is no longer used.

Since validation is done earlier, invalid addresses are reported as with
renderError() instead of startAction("doError"). So the tests which
watch for doError are now failing (the frontend tests named
"resources/state: start with invalid requiredEmail - print error screen"
and "resources/state: start with empty requiredEmail - prints error
screen". I don't know how to make them watch for renderError() instead.

One upside of this patch is that @stomlinson told me the three-argument
to startAction("doError"..) in state.js was a bug, as it only accepts
two real arguments. Removing it is even easier than fixing it.

Instead of showing an error message, show a tooltip when the user types a bad password in the add_email_address and verify_email_address screens.

issue #1557

* For the buttons, use id's instead of classes.
* Focus the "yes" button when the screen is shown.

issue #1582

Specifically to get _.escape()

* Removed the .interactionData namespace from storage.js, created our first model - shared/models/interaction_data.js
* Simplified how data is stored into interaction_data, created current and staged sub-namespaces
* Added stageCurrent and publishStaged functions.
* in shared/modules/interaction_data.js, simplified calls to model.
* Tried to make the xhr mock make more sense and provide facilities usable for peeking at last XHR request data.

issue #1597

Make users who have not yet set their password by time they reach the landing page set their password.

issue #1592

when the server returns a 413 error for posting of interaction data, clear the data from local storage - issue #1567

issue #1581

insert a setTimeout between two main phases of assertion generation to prevent unresponsive script warnings in IE8 - issue #1575

* css/style.css - where relevant and opacity's are used, use filters for IE6 and IE7.
* shared/storage.js - when clearing localStorage if the user is not authenticated, call removeItem for the emails.  The call to JSON.stringify was blowing up.

issue #1529

Partial fix IE6 and IE7 blowing up on main site.  These browsers do not have Array.prototype.indexOf

issue #1552

Replace the removed `delete storage.interactionData` with localStorage.removeItem("interactionData") to avoid IE8 exceptions.

Consolidating exception logging, removing delete which can cause problems in Chrome. [Partially?] Fixes Issue#1546

Updating documentation in cookiesEnabled to include Android 4.0 default browser still passing the cookiesEnabled check with cookiesDisabled.

close #1542

added conformance tests.

tests should now pass
updated to jwcrypto that has proper callback delay guarantees and removed unnecessary setTimeouts

Updated all calls to jwcrypto to use the more intuitive API. Fixed a front-end test that was failing due to true asynchronicity of jwcrypto.

* If the controller's "continuation" option is specified, start saving data immediately to localStorage.
* in start.js, look for CREATE_EMAIL and ADD_EMAIL on the window.location.hash. If this exists, the dialog session is a continuation.
* Add some more tests.

Other notable changes:
* Send old interaction data irregardless of whether the current dialog session is collecting data.
* Because of this above change, simplified storage regarding data.
* Make sure when sampling is enabled, data is saved.
* Make sure when sampling is disabled, data is not saved.
* Added tests to test expected flow.