view .hgtags @ 956:dabecab10faa

server (pages): implemented CSRF protection: A basic CSRF protection has been implemented using a CSRF token. The token is created on session creation, and checked on data post. The process should be fully automatic, and a hidden field is added in forms in sat_templates when csrf_token is present in template data (requires importing input/form.html with context). If the token is wrong or absent, an unauthorized error page is returned (and the client IP is logged). Also don't use inlineCallbacks anymore in _on_data_post, as StopIteration exceptions are caught by inlineCallbacks, resulting in bad behaviour. As a further security measure, getPostedDate raises a KeyError instead of StopIteration if a specific key is looked for and missing. Added HTTP_SEE_OTHER status code in constants.
author Goffi <goffi@goffi.org>
date Mon, 10 Jul 2017 19:10:31 +0200
parents f38b8be94131
children f72064f29d2a

12e889a683ce07bfdb66ca3952c93fd97329d70c SàT v0.2.0
732ed69ffe11a5116dc9f8e0b084d47cc3f5a658 SàT v0.3.0
f2c380af7304d65703cf2f88882d08b4236fd36e SàT v0.4.0
ff03fdb5215d31e65123da6646589f9393fcd929 SàT v0.5.0
9b217e14fc6a515902a66f719f3131250e83ea56 SàT v0.5.1
0af8a88ef6cd67563075f9daf2a66c4ce98c8443 0.6.0
3d372805f60c80f03bc59430581c5a8958ed436e 0.6.1