Updating documentation in cookiesEnabled to include Android 4.0 default browser still passing the cookiesEnabled check with cookiesDisabled.

close #1542

* Create a list of pages where the cookie check should be run.

issue #1514

issue #1521

don't require that a user re-enter their password in dialog after email verification in a different browser.  Because the user just typed their password, attempt to authenticate them in the verification originating browser via the API.  If that works, then automatically log them in

* user.js: Update verifyEmail and verifyUser to take a password.
* network.js: Update completeEmailRegistration and completeUserRegistration to take a password.
* Replace verify_email_address.js and add_email_address.js with a single verify_secondary_address.js to reduce duplication.
* Update the templates.
* Bring back verify_email_address and add_email_address templates, but remove the verify password field.
* To dom-jquery, add show, hide functions.

* /wsapi/complete_email_addition no longer has to bcrypt the password, so the previously mentioned race condition should be a thing of the past.
* in pages/start.js, signUp is now a module so it has to be started.
* in controllers/actions.js doEmailConfirmed is no longer an action and is no longer needed.

* Move #thisIsNotMe button handler from the page_module to pick_email.
* Remove extra tests for the authenticate controller.
* use the alias for BrowserID.User in helpers.js
* Add password fields to the forgot page.

* helpers.addEmail triggers either "primary_user" or "add_email_submit_with_secondary"
* Add states to the stage machine to handle add_email_submit_with_secondary to either set a password or stage the user.
* Add two helper functions in storage.js, addPrimaryEmail and addSecondaryEmail

* Verify the user without checking for passwords on the verification pages.
* Update /wsapi/stage_email to take a password.
* Remove the password fields of the verify page forms.
* Set the password when adding an email address.

* Remove the forgot_password controller, templates, tests, etc.
* Update authenticate to trigger "new_user" with rehydration info
* Update set_password to be able to handle resetting passwords as well.
* Update the state machine to handle password setting or resetting.

* Update set password to handle either initial password set or a password reset
* Update network/user.js to handle passwords when creating new users or resetting passwords.

Update remaining reset_password test to deal with new flow when the user confirms the address.

* This fixes a problem where it is possible that a user takes more than 2 minutes to answer, making the already generated assertion invalid.
* A lot of general cleanup of the state machine.
* Push all post email selection flows to a new state, "email_valid_and_ready" which decides whether to ask the user the computer ownership status.
* Assertions are generated after the "is this your computer" is asked.
* doEmailChosen is replaced with doGenerateAssertion - there were multiple calls to generate an assertion, not very DRY.
* Fix a problem in network.js where a user who completes user registration should be marked as authenticated.
* rename email_chosen.js to generate_assertion.js to clarify its purpose.

issue #1460

issue #1508

issue #1496

* include.js - check to ensure the browser is supported before setting up the communication_iframe.  Adding the iframe in unsupported browsers will cause an exception within the iframe.

issue #1390

Conflicts:

	resources/static/include_js/include.js
	resources/static/shared/storage.js

* The catch all will print a console log message if console.log is available.
* Adding helpers.log which prints to the console if console.log is available.

* signin, signup, forgot, add_email_address, verify_email_address.
* to user.js->checkAuthentication, call the callback if cookies are disabled.

issue #1418
issue #1484

issue #1485

The modules were added to the main site, but never started.

issue #1396

Fix the broken test in check_registration.  It was starting the registration check twice, meaning there were two concurrent polls happening.

issue #1464

issue #1485

Generalize fix by adding to fixupURL.  fixupURL is used to clean all URLs that come from outside the dialog.

issue #1461

issue #1446

Fix primary email being set as most recently used if the user cancels redirect to authenticate with primary.

issue #968

* A little bit of cleanup to simplify the check_registration controller - there is only a back button now.
* In the ejs template, remove the href and id attributes from the strings passed to localizers. Always use back for the id.
* Add a test to make sure the correct messages are triggered whenever pressing the back button.

issue #1453

Update to @lloyd's pull request 1447 to ensure that cancel from required email verification still works.

* A bit of code cleanup in required_email.js to remove the extra "cancel" message that was never called.

pull request 1447

* Fix the password not being displayed if a user must auth on account validation.
* Fix the assertion not being immediately generated if user does not need to auth.

issue #1440

fix regression where an undefined second argument to .get() would cause a javascript error - issue #1442

fix regression where an undefined second argument to .get() would cause a javascript error - issue #1442

Place the entire "If you're at a public computer such as a library or internet cafe, we'll ask you..." on a single line.

This should fix the l10n extraction tools cutting the string off.

issue #1425