GitLab

As per discussion in #10:

* Make PyYAML import floating in 3.x (without pinning to 3.0.10)
* Move Mako import to new file requirements-optional.txt
* Update docs/installation/requirements.md to refer to requirements-optional.txt

A missing </div> was at times causing the footer to go out of place and cover
the form contents.

Two minor security fixes: construct secure URLs (for uwsgi, with examples) and
mark cookies as secure

Actually remove the X-Forwarded-SSL header from the Apache mod_wsgi snippet.

As per discussion in in #8 (primary mode of deployment is with mod_wsgi):

* Comment out the header setting at Django side and also move it from
  settings.py to local_settings.py (because it's now a customizable item).
* Change the header name to ````X-Forwarded-Protocol: https````
* Change the Apache recommendation to use the header name and take it out of
  the mod_uwsgi snippet - and instead add a new section describing
  mod_proxy_http as an option.

Django would be default use insecure cookies - that would be sent by the
browser also over plain http.  And administrative work requiring authenticated
sessions should be done over https - and therefore, the cookie should be marked
as secure.

This can be achived by setting:

    settings.SESSION_COOKIE_SECURE = True

As this is an essential security setting that shouldn't need additional tweaks,
adding the setting to settings.py (and not local_settings.py).

Django constructs redirect URLs as https only if request.is_secure() is true.

And that evaluates to true if either uwsgi sets wsgi.url_scheme to https, or
if the request header contains a key + value configured as a tuple in
settings.SECURE_PROXY_SSL_HEADER

As some parts might be accessed over plain http and some over https (if Apache
exposes both ports), the easiest is to:

* Use the conventional header:

        X-Forwarded-SSL: on

* Set this header from Apache SSL VirtualHost

* Configure Django to check for this header with:

        SECURE_PROXY_SSL_HEADER = ('X-Forwarded-SSL', 'on')

As this is an essential security setting that shouldn't need additional tweaks,
adding the setting to settings.py (and not local_settings.py).

Without this fix, the login form at /admin/ would upon successful login
redirect to plain http, even when accessed over https.

Allow AltLogin to redirect to target URLs

First step in the direction of allowing local login as a login method (besides SSO).

Fixes a logical issue that could be caused by editing InstServer properties

When a "next" parameter exists in the context, reuse it for the redirect
(instead of forcing redirect to /overview)

Conflicts:
	djnro/templates/partial/footer.html
	edumanage/templatetags/template_maybe.py

Conflicts:
	djnro/templates/partial/footer.html
	edumanage/templatetags/include_maybe.py

institutions" use case.

scrolling and dragging

MapEscape[1].
* Set up a js callback to automatically move Google maps controls
out of the scroll area (LEFT_CENTER, opposite of scroll helper).
* Use a simple jquery plugin to auto-limit map height to usable viewport
height upon load/resize/rotation (perhaps use CSS3 in the future).

[1] http://labs.codecomputerlove.com/MapEscape/

page and elsewhere).

This was just too complicated and presented a number of quirks for non fixed-
height overlayed elements.