Plone.tiles

--------------------

Breaking changes:

- Fix querystring en-/decoder to always skip primary fields
[datakurre]

--------------------

Bug fixes:

- Do not swallow ``AttributeError`` inside ``index()`` on template rendering.
[hvelarde]

- Fix code analysis errors.
[gforcada]

--------------------

Breaking changes:

- Tiles no longer add relative ``X-Tile-Url``-header in ``__call__``.
Tiles still add absolute ``X-Tile-Url``-header during traversal, but
it gets removed after rendering when request is not CSRF-authorized.
[datakurre]

- Generic ESI helper check now taht the request is authorized to render
the tile according to the registered view permission fo the tile.
[datakurre]

- Transactions of requests to ESI helper views are automatically aborted,
because ESI requests should always be immutable GET requests
[datakurre]

- plone.app.theming (transform) is now disabled with X-Theme-Disabled-header
for requests rendering tiles
[datakurre]

- plone.protect's ProtectTransform is skipped for tile requests with correct
CSRF token prevent its side-effects on tile editors rendering tiles
individually
[datakurre]

New features:

- Added X-Frame-Options -header for ESI-tile views with matching behavior
with plone.protect
[datakurre]

Bug fixes:

- Fix issue where ESI-tile helper views didn't get correct
Cache-Control-headers, because ESI-helpers views were not acquisition
wrapped
[datakurre]

------------------

Bug fixes:

- Fix issue where transient tile was unable to encode data
with list of unicode strings
[datakurre]

- Remove unused unittest2 requirement
[tomgross]

------------------

Bugfix:

- Fix encode error in nested unicodes (like in plone.app.querystring)
[tomgross]

- Restructure testing
[tomgross]

------------------

New features:

- Provide ignore_querystring form directive to mark particular tiles fields
that are not allowed to default data from query string data
[vangheem]