This reverts commit edddfa32.

[erp5_web_renderjs_ui] Update service worker code. Client_id is null when it is the first request, in other words if request is navigate mode. Since major web browsers already implement client_id, if client_is is null, let's use the latest cache and don't get cache_key from CACHE_MAP and erp5js_cache.

[erp5_web_renderjs_ui] If service worker failed to install cache, unregister this service worker explicitly.

The name must be different per web site, else if the same service worker code is used by multiple web sites in ERP5 web site module, service worker does not work correctly.

[erp5_web_renderjs_ui] Fix translation script. Get service worker filename from layout property. Don't hardcode it.

[erp5_web_renderjs_ui] New client can use the latest cache without waiting for the new service worker to be activated.

And once client was associated with a cache, client keeps using the same cache.

To preserve the consistency of code and data, let the new service worker wait until all tabs and windows of the old version are closed.

Don't give request object itself to cache.match. Firefox's Cache Storage does not work properly when VARY contains Accept-Language. Give URL string instead, then cache.match works on both Firefox and Chrome.

[erp5_web_renderjs_ui] Fix rjs_gadget_erp5_serviceworker.js. Use cache.add because safari does not support cache.addAll.

Collect a list of files from service worker code.

Fetch usage can be bypassed to do not use service worker when not needed.

As appcache has been dropped on Firefox, this change will improve the speed on Firefox.

No change is expected on Chrome/Safari.

This prevent getting DB read/write conflicts

Do not access form submission REQUEST from the listbox list method,
as it is rendered asynchronously in ERP5JS

This reverts commit 35b2c024.

Allow edition in the new UI

This make everything slow as hell and prevent to quickly save.

https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02

We choose Lax and not Strict so that we can open links to ERP5 from
external applications and so that OAuth Logins work. Implementing the
"two cookies, one for read one for write" approach suggested in
https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-8.8.2
would be too big change at this point.

SameSite=None breaks the compatibility with some browser versions.
https://www.chromium.org/updates/same-site/incompatible-clients

Allow python's cryptographically secure pseudorandom number generator for usage in restricted python and use it where it makes sense.

This also change the API of `Person_generatePassword` which no longer allow to control the number of letters and numbers.

/reviewed-on nexedi/erp5!847

This script no longer allow to control the number of letters and digit

Using same method as python 3.6's secrets module and a bit longer token
that what python currently recommends, since we were using very very
long tokens until now (so that it does not look like a "regression")

- use system random
- generate longer password with a larger space

API change in an incompatible way, it's no longer possible to control
the number of alpha and numeric. This was reducing a lot the number of
combinations, so it's better to break so that callers stop generating
too weak passwords.