When an annotation has not been saved yet, it does not have
a real ID. In these cases, it does not make sense to try to
send the empty ID over the RPC channel to try to display the
(yet) non-exisitent annotation card in the sidebar.

There is already some filtering for this on the other side,
but I think it makes sense to filter out invalid element
as soon as possible.

Node code changes, but uses the current syntax
for referencing the sourcemap files from the JS files.

(This makes FF complain less.)

Fixes #1219.
Fixes #1227.

This reverts commit 3607dc428494a62b583d05c2192167146e9c1707.

Fixes #1219.
Fixes #1227.

This library is needed for Internet Explorer compatibility.
The library is smart so it won't do anything unless installed.
And even its install is smart, so it'll detect the browser and
react accordingly.

This reverts commit 20dca37ee333684eb8f86bee722e4d308acea424.

Relates to #1200

1200 auth fixes

Relates to #1200

Relates to #1200

Respond to view value changes by watching the view value on the scope
rather than registering a view change listener. View change listeners
only fire on changes which are valid.

Be careful not to use the directive in combination with ng-hide or
ng-show since the CSS changes subvert the transition.

Improve the conditions for showing/hiding so that it considers the
validity of a field in addition to whether the field is pristine or
dirty.

Relates to #1200

Relates to #1200

Partially revert the changes made in https://github.com/hypothesis/h/commit/c840a620fc040ceb7941c9b50a379b9c271b0728. Fixes #1201.

When annotations are loaded/updated in either side, they will be
automatically transmitted to the other side by the bridbe plugin.

Then on the other side, the new data is merged into any existing one.

The problem is that when doing this merge, some fields (which are objects
themselves) should not be overwritten; they should be merged, too.

This change adds selective handling of the `target` field, which is
a list of objects. Now each individual target is merged, ever overwritten.

Furthermore, there are a few special cases when some fields
(inside targets) should not be updated at all.

Now those updates are refused.

Fixes #1198.

Close #468

Close #1001

Convert {username, provider} objects to strings.

Overhaul horus view handling

Refactor the views module to limit code exposure to horus.

- Implement a view mapper that acts on the horus class-based form
  views to coerce the result to a dictionary. This mapper pulls most
  of the request and response munging away from the horus view logic
  overrides, which are left as simple subclasses. Page views for horus
  now fire login/logout events and work around eventray/horus#43 for
  password resets.
- Improve error reporting by showing flash messages only for colander
  errors, letting horus handle the rest. Remove corresponding hack in
  client-side flash handling.

IE doesn't have the document.baseURI property.
This workaround constructs the baseURI if not present.