diff --git a/.travis.yml b/.travis.yml
index f90895d369e..1bddb6a993f 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -4,7 +4,7 @@ before_install:
    - sudo apt-get -y install libtool automake autoconf autoconf-archive
    - sudo apt-get -y install texlive-latex-base texlive-latex-recommended
    - sudo apt-get -y install texlive-latex-extra texlive-fonts-recommended texinfo
-   - sudo apt-get -y install python-pygments python-docutils python-sphinx 
+   - sudo apt-get -y install python-pygments python-docutils python-sphinx
 before_script: ./bootstrap && ./configure
 script:
    - make distcheck
@@ -13,6 +13,7 @@ script:
    - grunt test
 language: erlang
 otp_release:
-   - R16B
+   - 17.0
+   - R16B03-1
    - R15B03
    - R14B04
diff --git a/INSTALL.Unix b/INSTALL.Unix
index a07055884db..f66f98cf0bd 100644
--- a/INSTALL.Unix
+++ b/INSTALL.Unix
@@ -39,10 +39,10 @@ Dependencies
 
 You should have the following installed:
 
- * Erlang OTP (>=R13B04, <R17)  (http://erlang.org/)
+ * Erlang OTP (>=R14B01, =<R17) (http://erlang.org/)
  * ICU                          (http://icu-project.org/)
  * OpenSSL                      (http://www.openssl.org/)
- * Mozilla SpiderMonkey (1.7)   (http://www.mozilla.org/js/spidermonkey/)
+ * Mozilla SpiderMonkey (1.8.5) (http://www.mozilla.org/js/spidermonkey/)
  * GNU Make                     (http://www.gnu.org/software/make/)
  * GNU Compiler Collection      (http://gcc.gnu.org/)
  * libcurl                      (http://curl.haxx.se/libcurl/)
@@ -94,20 +94,20 @@ RedHat-based (Fedora, Centos, RHEL) Systems
 
 You can install the dependencies by running:
 
-    sudo yum groupinstall "Development Tools"
     sudo yum install autoconf
     sudo yum install autoconf-archive
     sudo yum install automake
-    sudo yum install libtool
-    sudo yum install perl-Test-Harness
-    sudo yum install erlang-etap
+    sudo yum install curl-devel
+    sudo yum install erlang-asn1
     sudo yum install erlang-erts
-    sudo yum install erlang-os_mon
     sudo yum install erlang-eunit
-    sudo yum install libicu-devel
+    sudo yum install erlang-os_mon
+    sudo yum install erlang-xmerl
+    sudo yum install help2man
     sudo yum install js-devel
-    sudo yum install curl-devel
-    sudo yum install pkg-config
+    sudo yum install libicu-devel
+    sudo yum install libtool
+    sudo yum install perl-Test-Harness
 
 While CouchDB builds against the default js-devel-1.7.0 included in
 some distributions, it's recommended to use a more recent
diff --git a/acinclude.m4.in b/acinclude.m4.in
index db2f1496084..f947920cb83 100644
--- a/acinclude.m4.in
+++ b/acinclude.m4.in
@@ -17,10 +17,10 @@ m4_define([LOCAL_PACKAGE_TARNAME], [apache-couchdb])
 m4_define([LOCAL_PACKAGE_NAME], [Apache CouchDB])
 m4_define([LOCAL_BUG_URI], [https://issues.apache.org/jira/browse/COUCHDB])
 m4_define([LOCAL_VERSION_MAJOR], [1])
-m4_define([LOCAL_VERSION_MINOR], [6])
+m4_define([LOCAL_VERSION_MINOR], [7])
 m4_define([LOCAL_VERSION_REVISION], [0])
-m4_define([LOCAL_VERSION_STAGE], [+build])
-m4_define([LOCAL_VERSION_RELEASE], [.%revision%])
+m4_define([LOCAL_VERSION_STAGE], [])
+m4_define([LOCAL_VERSION_RELEASE], [])
 m4_define([LOCAL_VERSION_PRIMARY],
     [LOCAL_VERSION_MAJOR.LOCAL_VERSION_MINOR.LOCAL_VERSION_REVISION])
 m4_define([LOCAL_VERSION_SECONDARY],
diff --git a/bin/couchdb.tpl.in b/bin/couchdb.tpl.in
index 538ebcbce47..f2027f1ecb9 100644
--- a/bin/couchdb.tpl.in
+++ b/bin/couchdb.tpl.in
@@ -270,6 +270,9 @@ start_couchdb () {
         echo "Apache CouchDB has started, time to relax."
     else
         if test "$RECURSED" = "true"; then
+            # close stdout / stderr
+            exec 1>&-
+            exec 2>&-
             while true; do
                 export HEART_COMMAND
                 export HEART_BEAT_TIMEOUT
diff --git a/configure.ac b/configure.ac
index 57a4268a405..656758564ae 100644
--- a/configure.ac
+++ b/configure.ac
@@ -33,6 +33,10 @@ AC_DISABLE_STATIC
 AC_PROG_CC
 LT_INIT([win32-dll])
 LT_INIT
+AS_IF([test x"${enable_shared}" = "xno"], [
+  AC_MSG_ERROR([System as configured cannot build shared libraries.])
+])
+
 AC_PROG_LN_S
 
 PKG_PROG_PKG_CONFIG
@@ -411,23 +415,25 @@ esac
 
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking Erlang version compatibility" >&5
 $as_echo_n "checking Erlang version compatibility... " >&6; }
-erlang_version_error="The installed Erlang version must be >= R14B (erts-5.8.1) and <R17 (erts-5.11)"
+erlang_version_error="The installed Erlang version must be >= R14B (erts-5.8.1) and =< 17 (erts-6.0)"
 
 version="`${ERL} -version 2>&1 | ${SED} 's/[[^0-9]]/ /g'` 0 0 0"
 major_version=`echo $version | ${AWK} "{print \\$1}"`
 minor_version=`echo $version | ${AWK} "{print \\$2}"`
 patch_version=`echo $version | ${AWK} "{print \\$3}"`
+echo -n "detected Erlang version: $major_version.$minor_version.$patch_version..."
 
-if test $major_version -ne 5; then
-    as_fn_error $? "$erlang_version_error" "$LINENO" 5
+if test $major_version -lt 5 -o $major_version -gt 6; then
+    as_fn_error $? "$erlang_version_error major_version does not match" "$LINENO" 5
 fi
 
-if test $minor_version -lt 8 -o $minor_version -gt 10; then
-    as_fn_error $? "$erlang_version_error" "$LINENO" 5
+if test $major_version -eq 5 -a $minor_version -lt 8; then
+    as_fn_error $? "$erlang_version_error minor_version does not match" "$LINENO" 5
 fi
 
 AC_MSG_RESULT(compatible)
 
+# returns 17 for erts-6.0, and R14B03 or similar for earlier releases
 otp_release="`\
     ${ERL} -noshell \
     -eval 'io:put_chars(erlang:system_info(otp_release)).' \
@@ -435,8 +441,10 @@ otp_release="`\
 
 AC_SUBST(otp_release)
 
-AM_CONDITIONAL([USE_OTP_NIFS], [test x$otp_release \> xR13B03])
-AM_CONDITIONAL([USE_EJSON_COMPARE_NIF], [test x$otp_release \> xR14B03])
+AM_CONDITIONAL([USE_OTP_NIFS],
+    [can_use_nifs=$(echo $otp_release | grep -E "^(R14B|R15|R16|17)")])
+AM_CONDITIONAL([USE_EJSON_COMPARE_NIF],
+    [can_use_ejson=$(echo $otp_release | grep -E "^(R14B03|R15|R16|17)")])
 
 has_crypto=`\
     ${ERL} -eval "\
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in
index 934c6cd440c..f3b36eb09ee 100644
--- a/etc/couchdb/default.ini.tpl.in
+++ b/etc/couchdb/default.ini.tpl.in
@@ -68,7 +68,7 @@ include_sasl = true
 authentication_db = _users
 authentication_redirect = /_utils/session.html
 require_valid_user = false
-timeout = 600 ; number of seconds before automatic logout
+timeout = 600 ; The number of seconds before automatic logout. The minimum value is 60, and any value less 60 will be ignored.
 auth_cache_size = 50 ; size is number of cache entries
 allow_persistent_cookies = false ; set to true to allow persistent cookies
 iterations = 10 ; iterations for password hashing
diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini
index 8aae3315f99..b102881846c 100644
--- a/etc/couchdb/local.ini
+++ b/etc/couchdb/local.ini
@@ -75,6 +75,15 @@ verify_ssl_certificates = false
 ;verify_fun = {Module, VerifyFun}
 ; maximum peer certificate depth
 ssl_certificate_max_depth = 1
+;
+; Reject renegotiations that do not live up to RFC 5746.
+;secure_renegotiate = true
+; The cipher suites that should be supported.
+; Can be specified in erlang format "{ecdhe_ecdsa,aes_128_cbc,sha256}"
+; or in OpenSSL format "ECDHE-ECDSA-AES128-SHA256".
+;ciphers = ["ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA"]
+; The SSL/TLS versions to support
+;tls_versions = [sslv3, tlsv1, 'tlsv1.1', 'tlsv1.2']
 
 ; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All requests to
 ; the Virual Host will be redirected to the path. In the example below all requests
diff --git a/share/Makefile.am b/share/Makefile.am
index 84b91cb9a58..1598dfff6af 100644
--- a/share/Makefile.am
+++ b/share/Makefile.am
@@ -59,6 +59,7 @@ nobase_dist_localdata_DATA = \
     www/dialog/_admin_party.html \
     www/dialog/_change_password.html \
     www/dialog/_compact_cleanup.html \
+    www/dialog/_copy_document.html \
     www/dialog/_create_admin.html \
     www/dialog/_login.html \
     www/dialog/_signup.html \
@@ -101,6 +102,7 @@ nobase_dist_localdata_DATA = \
     www/image/bg.png \
     www/image/cancel.gif \
     www/image/compact.png \
+    www/image/copy.png \
     www/image/delete-mini.png \
     www/image/delete.png \
     www/image/grippie.gif \
@@ -142,7 +144,7 @@ nobase_dist_localdata_DATA = \
     www/script/jquery.editinline.js \
     www/script/jquery.form.js \
     www/script/jquery.js \
-    www/script/jquery-ui-1.8.11.custom.min.js \
+    www/script/jquery-ui-1.9.2.custom.min.js \
     www/script/jquery.resizer.js \
     www/script/jquery.suggest.js \
     www/script/json2.js \
diff --git a/share/doc/build/Makefile.am b/share/doc/build/Makefile.am
index f332e5c5510..7b95d0d4163 100644
--- a/share/doc/build/Makefile.am
+++ b/share/doc/build/Makefile.am
@@ -390,6 +390,7 @@ src_files = \
     ../src/cve/2012-5641.rst \
     ../src/cve/2012-5649.rst \
     ../src/cve/2012-5650.rst \
+    ../src/cve/2014-2668.rst \
     ../src/cve/index.rst \
     ../src/fauxton/addons.rst \
     ../src/fauxton/index.rst \
@@ -449,6 +450,7 @@ src_files_html = \
     ../templates/layout.html \
     ../templates/help.html \
     ../templates/searchbox.html \
+    ../templates/tracking.html \
     ../templates/utilities.html
 
 sphinx_extensions = \
diff --git a/share/doc/src/api/ddoc/views.rst b/share/doc/src/api/ddoc/views.rst
index 3d14396e9aa..4d0c8d8a79f 100644
--- a/share/doc/src/api/ddoc/views.rst
+++ b/share/doc/src/api/ddoc/views.rst
@@ -32,9 +32,9 @@
     Ignored if `include_docs` isn't ``true``. Default is ``false``
   :query boolean descending: Return the documents in descending by key order.
     Default is ``false``
-  :query string endkey: Stop returning records when the specified key is
+  :query json endkey: Stop returning records when the specified key is
     reached. *Optional*
-  :query string end_key: Alias for `endkey` param
+  :query json end_key: Alias for `endkey` param
   :query string endkey_docid: Stop returning records when the specified
     document ID is reached. *Optional*
   :query string end_key_doc_id: Alias for `endkey_docid` param
@@ -52,7 +52,7 @@
     compressed. Ignored if `include_docs` isn't ``true``. Default is ``false``.
   :query boolean inclusive_end: Specifies whether the specified end key should
     be included in the result. Default is ``true``
-  :query string key: Return only documents that match the specified key.
+  :query json key: Return only documents that match the specified key.
     *Optional*
   :query number limit: Limit the number of the returned documents to the
     specified number. *Optional*
@@ -61,9 +61,9 @@
     the results. Default is ``0``
   :query string stale: Allow the results from a stale view to be used.
     Supported values: ``ok`` and ``update_after``. *Optional*
-  :query string startkey: Return records starting with the specified key.
+  :query json startkey: Return records starting with the specified key.
     *Optional*
-  :query string start_key: Alias for `startkey` param
+  :query json start_key: Alias for `startkey` param
   :query string startkey_docid: Return records starting with the specified
     document ID. *Optional*
   :query string start_key_doc_id: Alias for `startkey_docid` param
diff --git a/share/doc/src/api/document/common.rst b/share/doc/src/api/document/common.rst
index bdd67027d83..1355a314933 100644
--- a/share/doc/src/api/document/common.rst
+++ b/share/doc/src/api/document/common.rst
@@ -247,14 +247,14 @@
   (latest) revision, either by using the ``rev`` parameter or by using the
   :header:`If-Match` header to specify the revision.
 
+  .. note::
+    CouchDB doesn't completely delete the specified document. Instead, it leaves
+    a tombstone with very basic information about the document. The tombstone
+    is required so that the delete action can be replicated across databases.
+
   .. seealso::
     :ref:`Retrieving Deleted Documents <api/doc/retrieving-deleted-documents>`
 
-  .. note::
-    CouchDB doesn't actually delete documents. The reason is the need to track
-    them correctly during the replication process between databases to prevent
-    accidental document recovery for any previous state.
-
   :param db: Database name
   :param docid: Document ID
   :<header Accept: - :mimetype:`application/json`
diff --git a/share/doc/src/config/http.rst b/share/doc/src/config/http.rst
index 1ae3abeaa33..4834f388f35 100644
--- a/share/doc/src/config/http.rst
+++ b/share/doc/src/config/http.rst
@@ -329,9 +329,12 @@ Secure Socket Level Options
 
   .. config:option:: cacert_file :: CA Certificate file
 
-    Path to file containing PEM encoded CA certificates (trusted certificates
-    used for verifying a peer certificate). May be omitted if you do not want
-    to verify the peer::
+    The path to a file containing PEM encoded CA certificates. The CA
+    certificates are used to build the server certificate chain, and for client
+    authentication. Also the CAs are used in the list of acceptable client CAs
+    passed to the client when a certificate is requested. May be omitted if
+    there is no need to verify the client and if there are not any intermediate
+    CAs for the server certificate::
 
       [ssl]
       cacert_file = /etc/ssl/certs/ca-certificates.crt
@@ -387,6 +390,36 @@ Secure Socket Level Options
       [ssl]
       verify_ssl_certificates = false
 
+  .. config:option:: secure_renegotiate :: Enable secure renegotiation
+
+    Set to `true` to reject renegotiation attempt that does not live up to
+    :rfc:`5746`::
+
+      [ssl]
+      secure_renegotiate = true
+
+    .. versionadded:: 1.7
+
+  .. config:option:: ciphers :: Specify permitted server cipher list
+
+    Set to the cipher suites that should be supported which can be
+    specified in erlang format "{ecdhe_ecdsa,aes_128_cbc,sha256}" or
+    in OpenSSL format "ECDHE-ECDSA-AES128-SHA256"::
+
+      [ssl]
+      ciphers = ["ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA"]
+
+    .. versionadded:: 1.7
+
+  .. config:option:: tls_versions :: Specify permitted server SSL/TLS protocol versions
+
+    Set to a list of permitted SSL/TLS protocol versions::
+
+      [ssl]
+      tls_versions = [sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2']
+
+    .. versionadded:: 1.7
+
 
 .. _cors:
 .. _config/cors:
diff --git a/share/doc/src/cve/2014-2668.rst b/share/doc/src/cve/2014-2668.rst
new file mode 100644
index 00000000000..5ccd2a47fe9
--- /dev/null
+++ b/share/doc/src/cve/2014-2668.rst
@@ -0,0 +1,54 @@
+.. Licensed under the Apache License, Version 2.0 (the "License"); you may not
+.. use this file except in compliance with the License. You may obtain a copy of
+.. the License at
+..
+..   http://www.apache.org/licenses/LICENSE-2.0
+..
+.. Unless required by applicable law or agreed to in writing, software
+.. distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+.. WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+.. License for the specific language governing permissions and limitations under
+.. the License.
+
+
+.. _cve/2014-2668:
+
+==================================================================================
+CVE-2014-2668: DoS (CPU and memory consumption) via the count parameter to /_uuids
+==================================================================================
+
+:Date: 26.03.2014
+
+:Affected: Apache CouchDB releases up to and including 1.3.1, 1.4.0,
+           and 1.5.0 are vulnerable.
+
+:Severity: Moderate
+
+:Vendor: The Apache Software Foundation
+
+Description
+===========
+
+The :ref:`api/server/uuids` resource's `count` query parameter is able to take
+unreasonable huge numeric value which leads to exhaustion of server resources
+(CPU and memory) and to DoS as the result.
+
+Mitigation
+==========
+
+Upgrade to a supported CouchDB release that includes this fix, such as:
+
+- :ref:`1.5.1 <release/1.5.1>`
+- :ref:`1.6.0 <release/1.6.0>`
+
+All listed releases have included a specific fix to
+
+Work-Around
+===========
+
+Disable the :ref:`api/server/uuids` handler completely, by adapting
+`local.ini` and restarting CouchDB::
+
+  [httpd_global_handlers]
+  _uuids =
+
diff --git a/share/doc/src/install/unix.rst b/share/doc/src/install/unix.rst
index 05e0459936e..76fe9225721 100644
--- a/share/doc/src/install/unix.rst
+++ b/share/doc/src/install/unix.rst
@@ -52,10 +52,10 @@ Dependencies
 
 You should have the following installed:
 
-* `Erlang OTP (>=R13B04, <R17)  <http://erlang.org/>`_
+* `Erlang OTP (>=R14B01, =<R17) <http://erlang.org/>`_
 * `ICU                          <http://icu-project.org/>`_
 * `OpenSSL                      <http://www.openssl.org/>`_
-* `Mozilla SpiderMonkey (1.7)   <http://www.mozilla.org/js/spidermonkey/>`_
+* `Mozilla SpiderMonkey (1.8.5) <http://www.mozilla.org/js/spidermonkey/>`_
 * `GNU Make                     <http://www.gnu.org/software/make/>`_
 * `GNU Compiler Collection      <http://gcc.gnu.org/>`_
 * `libcurl                      <http://curl.haxx.se/libcurl/>`_
@@ -102,19 +102,20 @@ RedHat-based (Fedora, Centos, RHEL) Systems
 
 You can install the dependencies by running::
 
-    sudo yum groupinstall "Development Tools"
     sudo yum install autoconf
     sudo yum install autoconf-archive
     sudo yum install automake
-    sudo yum install libtool
-    sudo yum install perl-Test-Harness
-    sudo yum install erlang-etap
+    sudo yum install curl-devel
+    sudo yum install erlang-asn1
     sudo yum install erlang-erts
-    sudo yum install erlang-os_mon
     sudo yum install erlang-eunit
-    sudo yum install libicu-devel
+    sudo yum install erlang-os_mon
+    sudo yum install erlang-xmerl
+    sudo yum install help2man
     sudo yum install js-devel
-    sudo yum install curl-devel
+    sudo yum install libicu-devel
+    sudo yum install libtool
+    sudo yum install perl-Test-Harness
 
 While CouchDB builds against the default js-devel-1.7.0 included in some
 distributions, it's recommended to use a more recent js-devel-1.8.5.
diff --git a/share/doc/src/whatsnew/1.3.rst b/share/doc/src/whatsnew/1.3.rst
index 7e697855cfa..3f19f56bc8d 100644
--- a/share/doc/src/whatsnew/1.3.rst
+++ b/share/doc/src/whatsnew/1.3.rst
@@ -21,6 +21,10 @@
    :depth: 1
    :local:
 
+.. warning::
+
+   :ref:`release/1.3.x` is affected by the issue described in :ref:`cve/2014-2668`.
+   Upgrading to a more recent release is strongly recommended.
 
 .. _release/1.3.x/upgrade:
 
diff --git a/share/doc/src/whatsnew/1.4.rst b/share/doc/src/whatsnew/1.4.rst
index cf10befe696..65925e176a5 100644
--- a/share/doc/src/whatsnew/1.4.rst
+++ b/share/doc/src/whatsnew/1.4.rst
@@ -21,6 +21,10 @@
    :depth: 1
    :local:
 
+.. warning::
+
+   :ref:`release/1.4.x` is affected by the issue described in :ref:`cve/2014-2668`.
+   Upgrading to a more recent release is strongly recommended.
 
 .. _release/1.4.x/upgrade:
 
diff --git a/share/doc/src/whatsnew/1.5.rst b/share/doc/src/whatsnew/1.5.rst
index 7f2d7509c37..1b7539a253f 100644
--- a/share/doc/src/whatsnew/1.5.rst
+++ b/share/doc/src/whatsnew/1.5.rst
@@ -21,6 +21,11 @@
    :depth: 1
    :local:
 
+.. warning::
+
+   :ref:`release/1.5.1` contains important security fixes. Previous `1.5.x`
+   releases are not recommended for regular usage.
+
 .. _release/1.5.1:
 
 Version 1.5.1
@@ -28,7 +33,7 @@ Version 1.5.1
 
 * Add the ``max_count`` option (:ref:`config/uuids`) to allow rate-limiting
   the amount of UUIDs that can be requested from the :ref:`api/server/uuids`
-  handler in a single request.
+  handler in a single request (:ref:`CVE 2014-2668 <cve/2014-2668>`).
 
 .. _release/1.5.0:
 
diff --git a/share/doc/src/whatsnew/1.6.rst b/share/doc/src/whatsnew/1.6.rst
index 7d93ff64d9e..69002155c77 100644
--- a/share/doc/src/whatsnew/1.6.rst
+++ b/share/doc/src/whatsnew/1.6.rst
@@ -21,34 +21,57 @@
    :depth: 1
    :local:
 
+.. warning::
+
+   :ref:`release/1.6.1` contains important patches to hash of passwords on
+   restart. The previous :ref:`release/1.6.0` release is not recommended for
+   usage as certain edge cases with admin passwords may prevent CouchDB from
+   starting.
+
 .. _release/1.6.x/upgrade:
 
-Upgrade Notes
-=============
+Deprecations
+============
 
 The :ref:`Proxy Authentication <api/auth/proxy>` handler was renamed to
-``proxy_authentication_handler`` to follow the ``*_authentication_handler`` form
+``proxy_authentication_handler`` to follow the ``*_authentication_handler`` from
 of all other handlers. The old ``proxy_authentification_handler`` name is marked
-as deprecated and will be removed in future releases. It's strongly recommended
-to update :config:option:`httpd/authentication_handlers` option with new value
-in case if you had used such handler.
+as deprecated and will be removed in future releases. It's highly recommended
+to update :config:option:`httpd/authentication_handlers` option with the new
+value if you have used such a handler.
+
+.. _release/1.6.1:
+
+Version 1.6.1
+=============
 
+A bugfix release to handle various edge cases related to admin password hashing.
+
+* :issue:`2298`: Hash plaintext admin passwords stored in ``local.ini`` on startup
+  :commit:`ed825d3`.
+* :issue:`2299`: Filter out local admin users before updating password hash in
+  ``_users`` db :commit:`5e46f3b`.
 
 .. _release/1.6.0:
 
 Version 1.6.0
 =============
 
-.. warning::
-
-   This version is not released yet.
-
+* :issue:`2200`: support Erlang/OTP 17.0 :commit:`35e16032`
 * Fauxton: many improvements in our experimental new user interface, including
   switching the code editor from CodeMirror to Ace as well as better support
   for various browsers.
+* Add the ``max_count`` option (:ref:`config/uuids`) to allow rate-limiting
+  the amount of UUIDs that can be requested from the :ref:`api/server/uuids`
+  handler in a single request (:ref:`CVE 2014-2668 <cve/2014-2668>`).
+* :issue:`1986`: increase socket buffer size to improve replication speed
+  for large documents and attachments, and fix tests on BSD-like systems.
+  :commit:`9a0e561b`
+* :issue:`1953`: improve performance of multipart/related requests.
+  :commit:`ce3e89dc`
+* :issue:`2221`: verify that authentication-related configuration settings
+  are well-formed. :commit:`dbe769c6`
 * :issue:`1922`: fix CORS exposed headers. :commit:`4f619833`
-* Rename ``proxy_authentification_handler`` to ``proxy_authentication_handler``.
-  :commit:`c66ac4a8`
 * :issue:`1795`: ensure the startup script clears the pid file on termination.
   :commit:`818ef4f9`
 * :issue:`1962`: replication can now be performed without having write access
@@ -61,7 +84,22 @@ Version 1.6.0
 * :issue:`1923`: add support for `attachments` and `att_encoding_info` options
   (formerly only available on the documents API) to the view API.
   :commit:`ca41964b`
+* :issue:`1780`: upgrade password hashes from SHA-1 to PBKDF2 scheme on
+  successful authentication. :commit:`34888938`
+* :issue:`2059`: allow run-time configuration of maximum URL length.
+  :commit:`f7ca266b`
+* :issue:`2054`: accept gzipped JSON request bodies. :commit:`4d893387`
+* Rename ``proxy_authentification_handler`` to ``proxy_authentication_handler``.
+  :commit:`c66ac4a8`
 * :issue:`1647`: for failed replications originating from a document in the
   `_replicator` database, store the failure reason in the document.
   :commit:`08cac68b`
-* A number of improvements for the documentation.
+* :issue:`2053`: send better error messages when both `key` and `keys`
+  parameters are specified in view requests. :commit:`2bc07840`
+* :issue:`2040`: send better error messages when incorrect checksums
+  are encountered during compaction. :commit:`e7fdc16a`
+* :issue:`2028`: allow intermedia certificates when using SSL/TLS.
+  :commit:`2d080449`
+* :issue:`2031`: fix rewriting of paths with query string parameters.
+  :commit:`37c84596`
+* Numerous improvements to the documentation.
diff --git a/share/www/dialog/_copy_document.html b/share/www/dialog/_copy_document.html
new file mode 100644
index 00000000000..fe49e819966
--- /dev/null
+++ b/share/www/dialog/_copy_document.html
@@ -0,0 +1,29 @@
+<!--
+
+Licensed under the Apache License, Version 2.0 (the "License"); you may not use
+this file except in compliance with the License.  You may obtain a copy of the
+License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed
+under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+CONDITIONS OF ANY KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations under the License.
+
+-->
+<form action="" method="post">
+  <h2>Copy Document</h2>
+  <fieldset>
+    <p class="help help-copy">
+      Please enter a unique ID of the document:
+    </p>
+    <table summary="" class="help-copy"><tbody><tr>
+      <td><input type="text" name="docid" size="32"></td>
+    </tr></table>
+  </fieldset>
+  <div class="buttons">
+    <button type="submit">Copy</button>
+    <button type="button" class="cancel">Cancel</button>
+  </div>
+</form>
diff --git a/share/www/document.html b/share/www/document.html
index e041cd9f0b8..1509475b72e 100644
--- a/share/www/document.html
+++ b/share/www/document.html
@@ -55,6 +55,7 @@
         $("#toolbar button.save").click(page.saveDocument);
         $("#toolbar button.add").click(page.addField);
         $("#toolbar button.load").click(page.uploadAttachment);
+        $("#toolbar button.copy").click(page.copyDocument);
         if (page.isNew) {
           $("#toolbar button.delete").hide();
         } else {
@@ -76,6 +77,7 @@ <h1>
         <li><button class="save">Save Document</button></li>
         <li><button class="add">Add Field</button></li>
         <li><button class="load">Upload Attachment…</button></li>
+        <li><button class="copy">Copy Document…</button></li>
         <li><button class="delete">Delete Document…</button></li>
       </ul>
 
diff --git a/share/www/image/copy.png b/share/www/image/copy.png
new file mode 100644
index 00000000000..07b4f79159a
Binary files /dev/null and b/share/www/image/copy.png differ
diff --git a/share/www/replicator.html b/share/www/replicator.html
index eb6ecc07661..79d136acfb6 100644
--- a/share/www/replicator.html
+++ b/share/www/replicator.html
@@ -25,7 +25,7 @@
     <script src="script/jquery.couch.js"></script>
     <script src="script/jquery.dialog.js"></script>
     <script src="script/futon.js"></script>
-    <script src="script/jquery-ui-1.8.11.custom.min.js"></script>
+    <script src="script/jquery-ui-1.9.2.custom.min.js"></script>
     <script>
       $(document).ready(function() {
         var allDatabases;
@@ -103,13 +103,33 @@
           if ($("#continuous")[0].checked) {
             repOpts.continuous = true;
           }
+
+          if ($("#doc_ids").val()){
+            try {
+               var doc_ids = JSON.parse($("#doc_ids").val());
+               if ($.isArray(doc_ids)) {
+                  repOpts.doc_ids = doc_ids;
+               } else {
+                  $("#records tbody.footer td")
+                    .text('Invalid format! Should be: ["doc1", "doc2", ...]'); 
+                  return false;
+               }
+            } catch (e) {
+               $("#records tbody.footer td")
+                 .text('Invalid format! Should be: ["doc1", "doc2", ...]');
+               return false;
+            }
+          }
           $.couch.replicate(source, target, {
             success: function(resp) {
-              if (resp._local_id) {
+              if ( resp.history == null || resp._local_id) {
                 $("<tr><th></th></tr>")
                   .find("th").text(JSON.stringify(resp)).end()
                   .appendTo("#records tbody.content");
                 $("#records tbody tr").removeClass("odd").filter(":odd").addClass("odd");
+                $("#records tbody.footer td")
+                  .text((resp._local_id)? "Continuous replication" :
+                                          "Named document replication");
               } else {
                 $.each(resp.history, function(idx, record) {
                   $("<tr><th></th></tr>")
@@ -163,6 +183,7 @@ <h1>
           </p>
         </fieldset>
         <p class="actions">
+          <label style="float: left; padding-left: 5px">Document IDs: <input type="text" id="doc_ids" name="doc_ids" size="25" value=""></label>
           <label><input type="checkbox" name="continuous" value="continuous" id="continuous"> Continuous</label>
           <button id="replicate" type="button">Replicate</button>
         </p>
diff --git a/share/www/script/futon.browse.js b/share/www/script/futon.browse.js
index 241164c6e6e..75b1624f2fc 100644
--- a/share/www/script/futon.browse.js
+++ b/share/www/script/futon.browse.js
@@ -1094,6 +1094,37 @@
         });
       }
 
+      this.copyDocument = function() {
+        if (page.isDirty) {
+          alert("You need to save or revert any changes you have made to the " +
+                "document before you can copy it.");
+            return false;
+        }
+        $.showDialog("dialog/_copy_document.html", {
+          submit: function (data, callback) {
+            if (!data.docid || data.docid.length == 0) {
+              callback({docid: "Please enter a document ID."});
+              return;
+            }
+            db.copyDoc(
+              page.doc._id,
+              {
+                docid: data.docid
+              },
+              {
+                error: function (status, error, reason) {
+                  callback({docid: reason});
+              },
+                success: function (resp) {
+                  location.href = "document.html?"
+                                + encodeURIComponent(dbName)
+                                + "/" + $.couch.encodeDocId(resp.id);
+              }
+            });
+          }
+        });
+      };
+
       window.onbeforeunload = function() {
         if (page.isDirty) {
           return "You've made changes to this document that have not been " +
diff --git a/share/www/script/futon.js b/share/www/script/futon.js
index 409becc500f..07238390c65 100644
--- a/share/www/script/futon.js
+++ b/share/www/script/futon.js
@@ -335,7 +335,7 @@ function $$(node) {
           name = encodeURIComponent(name);
           $("#dbs").append("<li>" +
             "<button class='remove' title='Remove from list' value='" + name + "'></button>" +
-            "<a href='database.html?" + name + "' title='" + name + "'>" + name +
+            "<a href='database.html?" + name + "' title='" + name + "'>" + decodeURIComponent(name) +
             "</a></li>");
         }
       });
diff --git a/share/www/script/jquery-ui-1.8.11.custom.min.js b/share/www/script/jquery-ui-1.8.11.custom.min.js
deleted file mode 100644
index 45b927e0316..00000000000
--- a/share/www/script/jquery-ui-1.8.11.custom.min.js
+++ /dev/null
@@ -1,81 +0,0 @@
-/*!
- * jQuery UI 1.8.11
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI
- */
-(function(c,j){function k(a){return!c(a).parents().andSelf().filter(function(){return c.curCSS(this,"visibility")==="hidden"||c.expr.filters.hidden(this)}).length}c.ui=c.ui||{};if(!c.ui.version){c.extend(c.ui,{version:"1.8.11",keyCode:{ALT:18,BACKSPACE:8,CAPS_LOCK:20,COMMA:188,COMMAND:91,COMMAND_LEFT:91,COMMAND_RIGHT:93,CONTROL:17,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,INSERT:45,LEFT:37,MENU:93,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,
-NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SHIFT:16,SPACE:32,TAB:9,UP:38,WINDOWS:91}});c.fn.extend({_focus:c.fn.focus,focus:function(a,b){return typeof a==="number"?this.each(function(){var d=this;setTimeout(function(){c(d).focus();b&&b.call(d)},a)}):this._focus.apply(this,arguments)},scrollParent:function(){var a;a=c.browser.msie&&/(static|relative)/.test(this.css("position"))||/absolute/.test(this.css("position"))?this.parents().filter(function(){return/(relative|absolute|fixed)/.test(c.curCSS(this,
-"position",1))&&/(auto|scroll)/.test(c.curCSS(this,"overflow",1)+c.curCSS(this,"overflow-y",1)+c.curCSS(this,"overflow-x",1))}).eq(0):this.parents().filter(function(){return/(auto|scroll)/.test(c.curCSS(this,"overflow",1)+c.curCSS(this,"overflow-y",1)+c.curCSS(this,"overflow-x",1))}).eq(0);return/fixed/.test(this.css("position"))||!a.length?c(document):a},zIndex:function(a){if(a!==j)return this.css("zIndex",a);if(this.length){a=c(this[0]);for(var b;a.length&&a[0]!==document;){b=a.css("position");
-if(b==="absolute"||b==="relative"||b==="fixed"){b=parseInt(a.css("zIndex"),10);if(!isNaN(b)&&b!==0)return b}a=a.parent()}}return 0},disableSelection:function(){return this.bind((c.support.selectstart?"selectstart":"mousedown")+".ui-disableSelection",function(a){a.preventDefault()})},enableSelection:function(){return this.unbind(".ui-disableSelection")}});c.each(["Width","Height"],function(a,b){function d(f,g,l,m){c.each(e,function(){g-=parseFloat(c.curCSS(f,"padding"+this,true))||0;if(l)g-=parseFloat(c.curCSS(f,
-"border"+this+"Width",true))||0;if(m)g-=parseFloat(c.curCSS(f,"margin"+this,true))||0});return g}var e=b==="Width"?["Left","Right"]:["Top","Bottom"],h=b.toLowerCase(),i={innerWidth:c.fn.innerWidth,innerHeight:c.fn.innerHeight,outerWidth:c.fn.outerWidth,outerHeight:c.fn.outerHeight};c.fn["inner"+b]=function(f){if(f===j)return i["inner"+b].call(this);return this.each(function(){c(this).css(h,d(this,f)+"px")})};c.fn["outer"+b]=function(f,g){if(typeof f!=="number")return i["outer"+b].call(this,f);return this.each(function(){c(this).css(h,
-d(this,f,true,g)+"px")})}});c.extend(c.expr[":"],{data:function(a,b,d){return!!c.data(a,d[3])},focusable:function(a){var b=a.nodeName.toLowerCase(),d=c.attr(a,"tabindex");if("area"===b){b=a.parentNode;d=b.name;if(!a.href||!d||b.nodeName.toLowerCase()!=="map")return false;a=c("img[usemap=#"+d+"]")[0];return!!a&&k(a)}return(/input|select|textarea|button|object/.test(b)?!a.disabled:"a"==b?a.href||!isNaN(d):!isNaN(d))&&k(a)},tabbable:function(a){var b=c.attr(a,"tabindex");return(isNaN(b)||b>=0)&&c(a).is(":focusable")}});
-c(function(){var a=document.body,b=a.appendChild(b=document.createElement("div"));c.extend(b.style,{minHeight:"100px",height:"auto",padding:0,borderWidth:0});c.support.minHeight=b.offsetHeight===100;c.support.selectstart="onselectstart"in b;a.removeChild(b).style.display="none"});c.extend(c.ui,{plugin:{add:function(a,b,d){a=c.ui[a].prototype;for(var e in d){a.plugins[e]=a.plugins[e]||[];a.plugins[e].push([b,d[e]])}},call:function(a,b,d){if((b=a.plugins[b])&&a.element[0].parentNode)for(var e=0;e<b.length;e++)a.options[b[e][0]]&&
-b[e][1].apply(a.element,d)}},contains:function(a,b){return document.compareDocumentPosition?a.compareDocumentPosition(b)&16:a!==b&&a.contains(b)},hasScroll:function(a,b){if(c(a).css("overflow")==="hidden")return false;b=b&&b==="left"?"scrollLeft":"scrollTop";var d=false;if(a[b]>0)return true;a[b]=1;d=a[b]>0;a[b]=0;return d},isOverAxis:function(a,b,d){return a>b&&a<b+d},isOver:function(a,b,d,e,h,i){return c.ui.isOverAxis(a,d,h)&&c.ui.isOverAxis(b,e,i)}})}})(jQuery);
-;/*!
- * jQuery UI Widget 1.8.11
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Widget
- */
-(function(b,j){if(b.cleanData){var k=b.cleanData;b.cleanData=function(a){for(var c=0,d;(d=a[c])!=null;c++)b(d).triggerHandler("remove");k(a)}}else{var l=b.fn.remove;b.fn.remove=function(a,c){return this.each(function(){if(!c)if(!a||b.filter(a,[this]).length)b("*",this).add([this]).each(function(){b(this).triggerHandler("remove")});return l.call(b(this),a,c)})}}b.widget=function(a,c,d){var e=a.split(".")[0],f;a=a.split(".")[1];f=e+"-"+a;if(!d){d=c;c=b.Widget}b.expr[":"][f]=function(h){return!!b.data(h,
-a)};b[e]=b[e]||{};b[e][a]=function(h,g){arguments.length&&this._createWidget(h,g)};c=new c;c.options=b.extend(true,{},c.options);b[e][a].prototype=b.extend(true,c,{namespace:e,widgetName:a,widgetEventPrefix:b[e][a].prototype.widgetEventPrefix||a,widgetBaseClass:f},d);b.widget.bridge(a,b[e][a])};b.widget.bridge=function(a,c){b.fn[a]=function(d){var e=typeof d==="string",f=Array.prototype.slice.call(arguments,1),h=this;d=!e&&f.length?b.extend.apply(null,[true,d].concat(f)):d;if(e&&d.charAt(0)==="_")return h;
-e?this.each(function(){var g=b.data(this,a),i=g&&b.isFunction(g[d])?g[d].apply(g,f):g;if(i!==g&&i!==j){h=i;return false}}):this.each(function(){var g=b.data(this,a);g?g.option(d||{})._init():b.data(this,a,new c(d,this))});return h}};b.Widget=function(a,c){arguments.length&&this._createWidget(a,c)};b.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",options:{disabled:false},_createWidget:function(a,c){b.data(c,this.widgetName,this);this.element=b(c);this.options=b.extend(true,{},this.options,
-this._getCreateOptions(),a);var d=this;this.element.bind("remove."+this.widgetName,function(){d.destroy()});this._create();this._trigger("create");this._init()},_getCreateOptions:function(){return b.metadata&&b.metadata.get(this.element[0])[this.widgetName]},_create:function(){},_init:function(){},destroy:function(){this.element.unbind("."+this.widgetName).removeData(this.widgetName);this.widget().unbind("."+this.widgetName).removeAttr("aria-disabled").removeClass(this.widgetBaseClass+"-disabled ui-state-disabled")},
-widget:function(){return this.element},option:function(a,c){var d=a;if(arguments.length===0)return b.extend({},this.options);if(typeof a==="string"){if(c===j)return this.options[a];d={};d[a]=c}this._setOptions(d);return this},_setOptions:function(a){var c=this;b.each(a,function(d,e){c._setOption(d,e)});return this},_setOption:function(a,c){this.options[a]=c;if(a==="disabled")this.widget()[c?"addClass":"removeClass"](this.widgetBaseClass+"-disabled ui-state-disabled").attr("aria-disabled",c);return this},
-enable:function(){return this._setOption("disabled",false)},disable:function(){return this._setOption("disabled",true)},_trigger:function(a,c,d){var e=this.options[a];c=b.Event(c);c.type=(a===this.widgetEventPrefix?a:this.widgetEventPrefix+a).toLowerCase();d=d||{};if(c.originalEvent){a=b.event.props.length;for(var f;a;){f=b.event.props[--a];c[f]=c.originalEvent[f]}}this.element.trigger(c,d);return!(b.isFunction(e)&&e.call(this.element[0],c,d)===false||c.isDefaultPrevented())}}})(jQuery);
-;/*
- * jQuery UI Position 1.8.11
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Position
- */
-(function(c){c.ui=c.ui||{};var n=/left|center|right/,o=/top|center|bottom/,t=c.fn.position,u=c.fn.offset;c.fn.position=function(b){if(!b||!b.of)return t.apply(this,arguments);b=c.extend({},b);var a=c(b.of),d=a[0],g=(b.collision||"flip").split(" "),e=b.offset?b.offset.split(" "):[0,0],h,k,j;if(d.nodeType===9){h=a.width();k=a.height();j={top:0,left:0}}else if(d.setTimeout){h=a.width();k=a.height();j={top:a.scrollTop(),left:a.scrollLeft()}}else if(d.preventDefault){b.at="left top";h=k=0;j={top:b.of.pageY,
-left:b.of.pageX}}else{h=a.outerWidth();k=a.outerHeight();j=a.offset()}c.each(["my","at"],function(){var f=(b[this]||"").split(" ");if(f.length===1)f=n.test(f[0])?f.concat(["center"]):o.test(f[0])?["center"].concat(f):["center","center"];f[0]=n.test(f[0])?f[0]:"center";f[1]=o.test(f[1])?f[1]:"center";b[this]=f});if(g.length===1)g[1]=g[0];e[0]=parseInt(e[0],10)||0;if(e.length===1)e[1]=e[0];e[1]=parseInt(e[1],10)||0;if(b.at[0]==="right")j.left+=h;else if(b.at[0]==="center")j.left+=h/2;if(b.at[1]==="bottom")j.top+=
-k;else if(b.at[1]==="center")j.top+=k/2;j.left+=e[0];j.top+=e[1];return this.each(function(){var f=c(this),l=f.outerWidth(),m=f.outerHeight(),p=parseInt(c.curCSS(this,"marginLeft",true))||0,q=parseInt(c.curCSS(this,"marginTop",true))||0,v=l+p+(parseInt(c.curCSS(this,"marginRight",true))||0),w=m+q+(parseInt(c.curCSS(this,"marginBottom",true))||0),i=c.extend({},j),r;if(b.my[0]==="right")i.left-=l;else if(b.my[0]==="center")i.left-=l/2;if(b.my[1]==="bottom")i.top-=m;else if(b.my[1]==="center")i.top-=
-m/2;i.left=Math.round(i.left);i.top=Math.round(i.top);r={left:i.left-p,top:i.top-q};c.each(["left","top"],function(s,x){c.ui.position[g[s]]&&c.ui.position[g[s]][x](i,{targetWidth:h,targetHeight:k,elemWidth:l,elemHeight:m,collisionPosition:r,collisionWidth:v,collisionHeight:w,offset:e,my:b.my,at:b.at})});c.fn.bgiframe&&f.bgiframe();f.offset(c.extend(i,{using:b.using}))})};c.ui.position={fit:{left:function(b,a){var d=c(window);d=a.collisionPosition.left+a.collisionWidth-d.width()-d.scrollLeft();b.left=
-d>0?b.left-d:Math.max(b.left-a.collisionPosition.left,b.left)},top:function(b,a){var d=c(window);d=a.collisionPosition.top+a.collisionHeight-d.height()-d.scrollTop();b.top=d>0?b.top-d:Math.max(b.top-a.collisionPosition.top,b.top)}},flip:{left:function(b,a){if(a.at[0]!=="center"){var d=c(window);d=a.collisionPosition.left+a.collisionWidth-d.width()-d.scrollLeft();var g=a.my[0]==="left"?-a.elemWidth:a.my[0]==="right"?a.elemWidth:0,e=a.at[0]==="left"?a.targetWidth:-a.targetWidth,h=-2*a.offset[0];b.left+=
-a.collisionPosition.left<0?g+e+h:d>0?g+e+h:0}},top:function(b,a){if(a.at[1]!=="center"){var d=c(window);d=a.collisionPosition.top+a.collisionHeight-d.height()-d.scrollTop();var g=a.my[1]==="top"?-a.elemHeight:a.my[1]==="bottom"?a.elemHeight:0,e=a.at[1]==="top"?a.targetHeight:-a.targetHeight,h=-2*a.offset[1];b.top+=a.collisionPosition.top<0?g+e+h:d>0?g+e+h:0}}}};if(!c.offset.setOffset){c.offset.setOffset=function(b,a){if(/static/.test(c.curCSS(b,"position")))b.style.position="relative";var d=c(b),
-g=d.offset(),e=parseInt(c.curCSS(b,"top",true),10)||0,h=parseInt(c.curCSS(b,"left",true),10)||0;g={top:a.top-g.top+e,left:a.left-g.left+h};"using"in a?a.using.call(b,g):d.css(g)};c.fn.offset=function(b){var a=this[0];if(!a||!a.ownerDocument)return null;if(b)return this.each(function(){c.offset.setOffset(this,b)});return u.call(this)}}})(jQuery);
-;/*
- * jQuery UI Autocomplete 1.8.11
- *
- * Copyright 2011, AUTHORS.txt (http://jqueryui.com/about)
- * Dual licensed under the MIT or GPL Version 2 licenses.
- * http://jquery.org/license
- *
- * http://docs.jquery.com/UI/Autocomplete
- *
- * Depends:
- *	jquery.ui.core.js
- *	jquery.ui.widget.js
- *	jquery.ui.position.js
- */
-(function(d){var e=0;d.widget("ui.autocomplete",{options:{appendTo:"body",autoFocus:false,delay:300,minLength:1,position:{my:"left top",at:"left bottom",collision:"none"},source:null},pending:0,_create:function(){var a=this,b=this.element[0].ownerDocument,g;this.element.addClass("ui-autocomplete-input").attr("autocomplete","off").attr({role:"textbox","aria-autocomplete":"list","aria-haspopup":"true"}).bind("keydown.autocomplete",function(c){if(!(a.options.disabled||a.element.attr("readonly"))){g=
-false;var f=d.ui.keyCode;switch(c.keyCode){case f.PAGE_UP:a._move("previousPage",c);break;case f.PAGE_DOWN:a._move("nextPage",c);break;case f.UP:a._move("previous",c);c.preventDefault();break;case f.DOWN:a._move("next",c);c.preventDefault();break;case f.ENTER:case f.NUMPAD_ENTER:if(a.menu.active){g=true;c.preventDefault()}case f.TAB:if(!a.menu.active)return;a.menu.select(c);break;case f.ESCAPE:a.element.val(a.term);a.close(c);break;default:clearTimeout(a.searching);a.searching=setTimeout(function(){if(a.term!=
-a.element.val()){a.selectedItem=null;a.search(null,c)}},a.options.delay);break}}}).bind("keypress.autocomplete",function(c){if(g){g=false;c.preventDefault()}}).bind("focus.autocomplete",function(){if(!a.options.disabled){a.selectedItem=null;a.previous=a.element.val()}}).bind("blur.autocomplete",function(c){if(!a.options.disabled){clearTimeout(a.searching);a.closing=setTimeout(function(){a.close(c);a._change(c)},150)}});this._initSource();this.response=function(){return a._response.apply(a,arguments)};
-this.menu=d("<ul></ul>").addClass("ui-autocomplete").appendTo(d(this.options.appendTo||"body",b)[0]).mousedown(function(c){var f=a.menu.element[0];d(c.target).closest(".ui-menu-item").length||setTimeout(function(){d(document).one("mousedown",function(h){h.target!==a.element[0]&&h.target!==f&&!d.ui.contains(f,h.target)&&a.close()})},1);setTimeout(function(){clearTimeout(a.closing)},13)}).menu({focus:function(c,f){f=f.item.data("item.autocomplete");false!==a._trigger("focus",c,{item:f})&&/^key/.test(c.originalEvent.type)&&
-a.element.val(f.value)},selected:function(c,f){var h=f.item.data("item.autocomplete"),i=a.previous;if(a.element[0]!==b.activeElement){a.element.focus();a.previous=i;setTimeout(function(){a.previous=i;a.selectedItem=h},1)}false!==a._trigger("select",c,{item:h})&&a.element.val(h.value);a.term=a.element.val();a.close(c);a.selectedItem=h},blur:function(){a.menu.element.is(":visible")&&a.element.val()!==a.term&&a.element.val(a.term)}}).zIndex(this.element.zIndex()+1).css({top:0,left:0}).hide().data("menu");
-d.fn.bgiframe&&this.menu.element.bgiframe()},destroy:function(){this.element.removeClass("ui-autocomplete-input").removeAttr("autocomplete").removeAttr("role").removeAttr("aria-autocomplete").removeAttr("aria-haspopup");this.menu.element.remove();d.Widget.prototype.destroy.call(this)},_setOption:function(a,b){d.Widget.prototype._setOption.apply(this,arguments);a==="source"&&this._initSource();if(a==="appendTo")this.menu.element.appendTo(d(b||"body",this.element[0].ownerDocument)[0]);a==="disabled"&&
-b&&this.xhr&&this.xhr.abort()},_initSource:function(){var a=this,b,g;if(d.isArray(this.options.source)){b=this.options.source;this.source=function(c,f){f(d.ui.autocomplete.filter(b,c.term))}}else if(typeof this.options.source==="string"){g=this.options.source;this.source=function(c,f){a.xhr&&a.xhr.abort();a.xhr=d.ajax({url:g,data:c,dataType:"json",autocompleteRequest:++e,success:function(h){this.autocompleteRequest===e&&f(h)},error:function(){this.autocompleteRequest===e&&f([])}})}}else this.source=
-this.options.source},search:function(a,b){a=a!=null?a:this.element.val();this.term=this.element.val();if(a.length<this.options.minLength)return this.close(b);clearTimeout(this.closing);if(this._trigger("search",b)!==false)return this._search(a)},_search:function(a){this.pending++;this.element.addClass("ui-autocomplete-loading");this.source({term:a},this.response)},_response:function(a){if(!this.options.disabled&&a&&a.length){a=this._normalize(a);this._suggest(a);this._trigger("open")}else this.close();
-this.pending--;this.pending||this.element.removeClass("ui-autocomplete-loading")},close:function(a){clearTimeout(this.closing);if(this.menu.element.is(":visible")){this.menu.element.hide();this.menu.deactivate();this._trigger("close",a)}},_change:function(a){this.previous!==this.element.val()&&this._trigger("change",a,{item:this.selectedItem})},_normalize:function(a){if(a.length&&a[0].label&&a[0].value)return a;return d.map(a,function(b){if(typeof b==="string")return{label:b,value:b};return d.extend({label:b.label||
-b.value,value:b.value||b.label},b)})},_suggest:function(a){var b=this.menu.element.empty().zIndex(this.element.zIndex()+1);this._renderMenu(b,a);this.menu.deactivate();this.menu.refresh();b.show();this._resizeMenu();b.position(d.extend({of:this.element},this.options.position));this.options.autoFocus&&this.menu.next(new d.Event("mouseover"))},_resizeMenu:function(){var a=this.menu.element;a.outerWidth(Math.max(a.width("").outerWidth(),this.element.outerWidth()))},_renderMenu:function(a,b){var g=this;
-d.each(b,function(c,f){g._renderItem(a,f)})},_renderItem:function(a,b){return d("<li></li>").data("item.autocomplete",b).append(d("<a></a>").text(b.label)).appendTo(a)},_move:function(a,b){if(this.menu.element.is(":visible"))if(this.menu.first()&&/^previous/.test(a)||this.menu.last()&&/^next/.test(a)){this.element.val(this.term);this.menu.deactivate()}else this.menu[a](b);else this.search(null,b)},widget:function(){return this.menu.element}});d.extend(d.ui.autocomplete,{escapeRegex:function(a){return a.replace(/[-[\]{}()*+?.,\\^$|#\s]/g,
-"\\$&")},filter:function(a,b){var g=new RegExp(d.ui.autocomplete.escapeRegex(b),"i");return d.grep(a,function(c){return g.test(c.label||c.value||c)})}})})(jQuery);
-(function(d){d.widget("ui.menu",{_create:function(){var e=this;this.element.addClass("ui-menu ui-widget ui-widget-content ui-corner-all").attr({role:"listbox","aria-activedescendant":"ui-active-menuitem"}).click(function(a){if(d(a.target).closest(".ui-menu-item a").length){a.preventDefault();e.select(a)}});this.refresh()},refresh:function(){var e=this;this.element.children("li:not(.ui-menu-item):has(a)").addClass("ui-menu-item").attr("role","menuitem").children("a").addClass("ui-corner-all").attr("tabindex",
--1).mouseenter(function(a){e.activate(a,d(this).parent())}).mouseleave(function(){e.deactivate()})},activate:function(e,a){this.deactivate();if(this.hasScroll()){var b=a.offset().top-this.element.offset().top,g=this.element.attr("scrollTop"),c=this.element.height();if(b<0)this.element.attr("scrollTop",g+b);else b>=c&&this.element.attr("scrollTop",g+b-c+a.height())}this.active=a.eq(0).children("a").addClass("ui-state-hover").attr("id","ui-active-menuitem").end();this._trigger("focus",e,{item:a})},
-deactivate:function(){if(this.active){this.active.children("a").removeClass("ui-state-hover").removeAttr("id");this._trigger("blur");this.active=null}},next:function(e){this.move("next",".ui-menu-item:first",e)},previous:function(e){this.move("prev",".ui-menu-item:last",e)},first:function(){return this.active&&!this.active.prevAll(".ui-menu-item").length},last:function(){return this.active&&!this.active.nextAll(".ui-menu-item").length},move:function(e,a,b){if(this.active){e=this.active[e+"All"](".ui-menu-item").eq(0);
-e.length?this.activate(b,e):this.activate(b,this.element.children(a))}else this.activate(b,this.element.children(a))},nextPage:function(e){if(this.hasScroll())if(!this.active||this.last())this.activate(e,this.element.children(".ui-menu-item:first"));else{var a=this.active.offset().top,b=this.element.height(),g=this.element.children(".ui-menu-item").filter(function(){var c=d(this).offset().top-a-b+d(this).height();return c<10&&c>-10});g.length||(g=this.element.children(".ui-menu-item:last"));this.activate(e,
-g)}else this.activate(e,this.element.children(".ui-menu-item").filter(!this.active||this.last()?":first":":last"))},previousPage:function(e){if(this.hasScroll())if(!this.active||this.first())this.activate(e,this.element.children(".ui-menu-item:last"));else{var a=this.active.offset().top,b=this.element.height();result=this.element.children(".ui-menu-item").filter(function(){var g=d(this).offset().top-a+b-d(this).height();return g<10&&g>-10});result.length||(result=this.element.children(".ui-menu-item:first"));
-this.activate(e,result)}else this.activate(e,this.element.children(".ui-menu-item").filter(!this.active||this.first()?":last":":first"))},hasScroll:function(){return this.element.height()<this.element.attr("scrollHeight")},select:function(e){this._trigger("selected",e,{item:this.active})}})})(jQuery);
-;
\ No newline at end of file
diff --git a/share/www/script/jquery-ui-1.9.2.custom.min.js b/share/www/script/jquery-ui-1.9.2.custom.min.js
new file mode 100644
index 00000000000..4ae74745a00
--- /dev/null
+++ b/share/www/script/jquery-ui-1.9.2.custom.min.js
@@ -0,0 +1,6 @@
+/*! jQuery UI - v1.9.2 - 2014-10-30
+* http://jqueryui.com
+* Includes: jquery.ui.core.js, jquery.ui.widget.js, jquery.ui.position.js, jquery.ui.autocomplete.js, jquery.ui.menu.js
+* Copyright 2014 jQuery Foundation and other contributors; Licensed MIT */
+
+(function(e,t){function i(t,i){var n,a,o,r=t.nodeName.toLowerCase();return"area"===r?(n=t.parentNode,a=n.name,t.href&&a&&"map"===n.nodeName.toLowerCase()?(o=e("img[usemap=#"+a+"]")[0],!!o&&s(o)):!1):(/input|select|textarea|button|object/.test(r)?!t.disabled:"a"===r?t.href||i:i)&&s(t)}function s(t){return e.expr.filters.visible(t)&&!e(t).parents().andSelf().filter(function(){return"hidden"===e.css(this,"visibility")}).length}var n=0,a=/^ui-id-\d+$/;e.ui=e.ui||{},e.ui.version||(e.extend(e.ui,{version:"1.9.2",keyCode:{BACKSPACE:8,COMMA:188,DELETE:46,DOWN:40,END:35,ENTER:13,ESCAPE:27,HOME:36,LEFT:37,NUMPAD_ADD:107,NUMPAD_DECIMAL:110,NUMPAD_DIVIDE:111,NUMPAD_ENTER:108,NUMPAD_MULTIPLY:106,NUMPAD_SUBTRACT:109,PAGE_DOWN:34,PAGE_UP:33,PERIOD:190,RIGHT:39,SPACE:32,TAB:9,UP:38}}),e.fn.extend({_focus:e.fn.focus,focus:function(t,i){return"number"==typeof t?this.each(function(){var s=this;setTimeout(function(){e(s).focus(),i&&i.call(s)},t)}):this._focus.apply(this,arguments)},scrollParent:function(){var t;return t=e.ui.ie&&/(static|relative)/.test(this.css("position"))||/absolute/.test(this.css("position"))?this.parents().filter(function(){return/(relative|absolute|fixed)/.test(e.css(this,"position"))&&/(auto|scroll)/.test(e.css(this,"overflow")+e.css(this,"overflow-y")+e.css(this,"overflow-x"))}).eq(0):this.parents().filter(function(){return/(auto|scroll)/.test(e.css(this,"overflow")+e.css(this,"overflow-y")+e.css(this,"overflow-x"))}).eq(0),/fixed/.test(this.css("position"))||!t.length?e(document):t},zIndex:function(i){if(i!==t)return this.css("zIndex",i);if(this.length)for(var s,n,a=e(this[0]);a.length&&a[0]!==document;){if(s=a.css("position"),("absolute"===s||"relative"===s||"fixed"===s)&&(n=parseInt(a.css("zIndex"),10),!isNaN(n)&&0!==n))return n;a=a.parent()}return 0},uniqueId:function(){return this.each(function(){this.id||(this.id="ui-id-"+ ++n)})},removeUniqueId:function(){return this.each(function(){a.test(this.id)&&e(this).removeAttr("id")})}}),e.extend(e.expr[":"],{data:e.expr.createPseudo?e.expr.createPseudo(function(t){return function(i){return!!e.data(i,t)}}):function(t,i,s){return!!e.data(t,s[3])},focusable:function(t){return i(t,!isNaN(e.attr(t,"tabindex")))},tabbable:function(t){var s=e.attr(t,"tabindex"),n=isNaN(s);return(n||s>=0)&&i(t,!n)}}),e(function(){var t=document.body,i=t.appendChild(i=document.createElement("div"));i.offsetHeight,e.extend(i.style,{minHeight:"100px",height:"auto",padding:0,borderWidth:0}),e.support.minHeight=100===i.offsetHeight,e.support.selectstart="onselectstart"in i,t.removeChild(i).style.display="none"}),e("<a>").outerWidth(1).jquery||e.each(["Width","Height"],function(i,s){function n(t,i,s,n){return e.each(a,function(){i-=parseFloat(e.css(t,"padding"+this))||0,s&&(i-=parseFloat(e.css(t,"border"+this+"Width"))||0),n&&(i-=parseFloat(e.css(t,"margin"+this))||0)}),i}var a="Width"===s?["Left","Right"]:["Top","Bottom"],o=s.toLowerCase(),r={innerWidth:e.fn.innerWidth,innerHeight:e.fn.innerHeight,outerWidth:e.fn.outerWidth,outerHeight:e.fn.outerHeight};e.fn["inner"+s]=function(i){return i===t?r["inner"+s].call(this):this.each(function(){e(this).css(o,n(this,i)+"px")})},e.fn["outer"+s]=function(t,i){return"number"!=typeof t?r["outer"+s].call(this,t):this.each(function(){e(this).css(o,n(this,t,!0,i)+"px")})}}),e("<a>").data("a-b","a").removeData("a-b").data("a-b")&&(e.fn.removeData=function(t){return function(i){return arguments.length?t.call(this,e.camelCase(i)):t.call(this)}}(e.fn.removeData)),function(){var t=/msie ([\w.]+)/.exec(navigator.userAgent.toLowerCase())||[];e.ui.ie=t.length?!0:!1,e.ui.ie6=6===parseFloat(t[1],10)}(),e.fn.extend({disableSelection:function(){return this.bind((e.support.selectstart?"selectstart":"mousedown")+".ui-disableSelection",function(e){e.preventDefault()})},enableSelection:function(){return this.unbind(".ui-disableSelection")}}),e.extend(e.ui,{plugin:{add:function(t,i,s){var n,a=e.ui[t].prototype;for(n in s)a.plugins[n]=a.plugins[n]||[],a.plugins[n].push([i,s[n]])},call:function(e,t,i){var s,n=e.plugins[t];if(n&&e.element[0].parentNode&&11!==e.element[0].parentNode.nodeType)for(s=0;n.length>s;s++)e.options[n[s][0]]&&n[s][1].apply(e.element,i)}},contains:e.contains,hasScroll:function(t,i){if("hidden"===e(t).css("overflow"))return!1;var s=i&&"left"===i?"scrollLeft":"scrollTop",n=!1;return t[s]>0?!0:(t[s]=1,n=t[s]>0,t[s]=0,n)},isOverAxis:function(e,t,i){return e>t&&t+i>e},isOver:function(t,i,s,n,a,o){return e.ui.isOverAxis(t,s,a)&&e.ui.isOverAxis(i,n,o)}}))})(jQuery);(function(e,t){var i=0,s=Array.prototype.slice,n=e.cleanData;e.cleanData=function(t){for(var i,s=0;null!=(i=t[s]);s++)try{e(i).triggerHandler("remove")}catch(a){}n(t)},e.widget=function(i,s,n){var a,o,r,h,l=i.split(".")[0];i=i.split(".")[1],a=l+"-"+i,n||(n=s,s=e.Widget),e.expr[":"][a.toLowerCase()]=function(t){return!!e.data(t,a)},e[l]=e[l]||{},o=e[l][i],r=e[l][i]=function(e,i){return this._createWidget?(arguments.length&&this._createWidget(e,i),t):new r(e,i)},e.extend(r,o,{version:n.version,_proto:e.extend({},n),_childConstructors:[]}),h=new s,h.options=e.widget.extend({},h.options),e.each(n,function(t,i){e.isFunction(i)&&(n[t]=function(){var e=function(){return s.prototype[t].apply(this,arguments)},n=function(e){return s.prototype[t].apply(this,e)};return function(){var t,s=this._super,a=this._superApply;return this._super=e,this._superApply=n,t=i.apply(this,arguments),this._super=s,this._superApply=a,t}}())}),r.prototype=e.widget.extend(h,{widgetEventPrefix:o?h.widgetEventPrefix:i},n,{constructor:r,namespace:l,widgetName:i,widgetBaseClass:a,widgetFullName:a}),o?(e.each(o._childConstructors,function(t,i){var s=i.prototype;e.widget(s.namespace+"."+s.widgetName,r,i._proto)}),delete o._childConstructors):s._childConstructors.push(r),e.widget.bridge(i,r)},e.widget.extend=function(i){for(var n,a,o=s.call(arguments,1),r=0,h=o.length;h>r;r++)for(n in o[r])a=o[r][n],o[r].hasOwnProperty(n)&&a!==t&&(i[n]=e.isPlainObject(a)?e.isPlainObject(i[n])?e.widget.extend({},i[n],a):e.widget.extend({},a):a);return i},e.widget.bridge=function(i,n){var a=n.prototype.widgetFullName||i;e.fn[i]=function(o){var r="string"==typeof o,h=s.call(arguments,1),l=this;return o=!r&&h.length?e.widget.extend.apply(null,[o].concat(h)):o,r?this.each(function(){var s,n=e.data(this,a);return n?e.isFunction(n[o])&&"_"!==o.charAt(0)?(s=n[o].apply(n,h),s!==n&&s!==t?(l=s&&s.jquery?l.pushStack(s.get()):s,!1):t):e.error("no such method '"+o+"' for "+i+" widget instance"):e.error("cannot call methods on "+i+" prior to initialization; "+"attempted to call method '"+o+"'")}):this.each(function(){var t=e.data(this,a);t?t.option(o||{})._init():e.data(this,a,new n(o,this))}),l}},e.Widget=function(){},e.Widget._childConstructors=[],e.Widget.prototype={widgetName:"widget",widgetEventPrefix:"",defaultElement:"<div>",options:{disabled:!1,create:null},_createWidget:function(t,s){s=e(s||this.defaultElement||this)[0],this.element=e(s),this.uuid=i++,this.eventNamespace="."+this.widgetName+this.uuid,this.options=e.widget.extend({},this.options,this._getCreateOptions(),t),this.bindings=e(),this.hoverable=e(),this.focusable=e(),s!==this&&(e.data(s,this.widgetName,this),e.data(s,this.widgetFullName,this),this._on(!0,this.element,{remove:function(e){e.target===s&&this.destroy()}}),this.document=e(s.style?s.ownerDocument:s.document||s),this.window=e(this.document[0].defaultView||this.document[0].parentWindow)),this._create(),this._trigger("create",null,this._getCreateEventData()),this._init()},_getCreateOptions:e.noop,_getCreateEventData:e.noop,_create:e.noop,_init:e.noop,destroy:function(){this._destroy(),this.element.unbind(this.eventNamespace).removeData(this.widgetName).removeData(this.widgetFullName).removeData(e.camelCase(this.widgetFullName)),this.widget().unbind(this.eventNamespace).removeAttr("aria-disabled").removeClass(this.widgetFullName+"-disabled "+"ui-state-disabled"),this.bindings.unbind(this.eventNamespace),this.hoverable.removeClass("ui-state-hover"),this.focusable.removeClass("ui-state-focus")},_destroy:e.noop,widget:function(){return this.element},option:function(i,s){var n,a,o,r=i;if(0===arguments.length)return e.widget.extend({},this.options);if("string"==typeof i)if(r={},n=i.split("."),i=n.shift(),n.length){for(a=r[i]=e.widget.extend({},this.options[i]),o=0;n.length-1>o;o++)a[n[o]]=a[n[o]]||{},a=a[n[o]];if(i=n.pop(),s===t)return a[i]===t?null:a[i];a[i]=s}else{if(s===t)return this.options[i]===t?null:this.options[i];r[i]=s}return this._setOptions(r),this},_setOptions:function(e){var t;for(t in e)this._setOption(t,e[t]);return this},_setOption:function(e,t){return this.options[e]=t,"disabled"===e&&(this.widget().toggleClass(this.widgetFullName+"-disabled ui-state-disabled",!!t).attr("aria-disabled",t),this.hoverable.removeClass("ui-state-hover"),this.focusable.removeClass("ui-state-focus")),this},enable:function(){return this._setOption("disabled",!1)},disable:function(){return this._setOption("disabled",!0)},_on:function(i,s,n){var a,o=this;"boolean"!=typeof i&&(n=s,s=i,i=!1),n?(s=a=e(s),this.bindings=this.bindings.add(s)):(n=s,s=this.element,a=this.widget()),e.each(n,function(n,r){function h(){return i||o.options.disabled!==!0&&!e(this).hasClass("ui-state-disabled")?("string"==typeof r?o[r]:r).apply(o,arguments):t}"string"!=typeof r&&(h.guid=r.guid=r.guid||h.guid||e.guid++);var l=n.match(/^(\w+)\s*(.*)$/),u=l[1]+o.eventNamespace,c=l[2];c?a.delegate(c,u,h):s.bind(u,h)})},_off:function(e,t){t=(t||"").split(" ").join(this.eventNamespace+" ")+this.eventNamespace,e.unbind(t).undelegate(t)},_delay:function(e,t){function i(){return("string"==typeof e?s[e]:e).apply(s,arguments)}var s=this;return setTimeout(i,t||0)},_hoverable:function(t){this.hoverable=this.hoverable.add(t),this._on(t,{mouseenter:function(t){e(t.currentTarget).addClass("ui-state-hover")},mouseleave:function(t){e(t.currentTarget).removeClass("ui-state-hover")}})},_focusable:function(t){this.focusable=this.focusable.add(t),this._on(t,{focusin:function(t){e(t.currentTarget).addClass("ui-state-focus")},focusout:function(t){e(t.currentTarget).removeClass("ui-state-focus")}})},_trigger:function(t,i,s){var n,a,o=this.options[t];if(s=s||{},i=e.Event(i),i.type=(t===this.widgetEventPrefix?t:this.widgetEventPrefix+t).toLowerCase(),i.target=this.element[0],a=i.originalEvent)for(n in a)n in i||(i[n]=a[n]);return this.element.trigger(i,s),!(e.isFunction(o)&&o.apply(this.element[0],[i].concat(s))===!1||i.isDefaultPrevented())}},e.each({show:"fadeIn",hide:"fadeOut"},function(t,i){e.Widget.prototype["_"+t]=function(s,n,a){"string"==typeof n&&(n={effect:n});var o,r=n?n===!0||"number"==typeof n?i:n.effect||i:t;n=n||{},"number"==typeof n&&(n={duration:n}),o=!e.isEmptyObject(n),n.complete=a,n.delay&&s.delay(n.delay),o&&e.effects&&(e.effects.effect[r]||e.uiBackCompat!==!1&&e.effects[r])?s[t](n):r!==t&&s[r]?s[r](n.duration,n.easing,a):s.queue(function(i){e(this)[t](),a&&a.call(s[0]),i()})}}),e.uiBackCompat!==!1&&(e.Widget.prototype._getCreateOptions=function(){return e.metadata&&e.metadata.get(this.element[0])[this.widgetName]})})(jQuery);(function(e,t){function i(e,t,i){return[parseInt(e[0],10)*(d.test(e[0])?t/100:1),parseInt(e[1],10)*(d.test(e[1])?i/100:1)]}function s(t,i){return parseInt(e.css(t,i),10)||0}e.ui=e.ui||{};var n,a=Math.max,o=Math.abs,r=Math.round,h=/left|center|right/,l=/top|center|bottom/,u=/[\+\-]\d+%?/,c=/^\w+/,d=/%$/,p=e.fn.position;e.position={scrollbarWidth:function(){if(n!==t)return n;var i,s,a=e("<div style='display:block;width:50px;height:50px;overflow:hidden;'><div style='height:100px;width:auto;'></div></div>"),o=a.children()[0];return e("body").append(a),i=o.offsetWidth,a.css("overflow","scroll"),s=o.offsetWidth,i===s&&(s=a[0].clientWidth),a.remove(),n=i-s},getScrollInfo:function(t){var i=t.isWindow?"":t.element.css("overflow-x"),s=t.isWindow?"":t.element.css("overflow-y"),n="scroll"===i||"auto"===i&&t.width<t.element[0].scrollWidth,a="scroll"===s||"auto"===s&&t.height<t.element[0].scrollHeight;return{width:n?e.position.scrollbarWidth():0,height:a?e.position.scrollbarWidth():0}},getWithinInfo:function(t){var i=e(t||window),s=e.isWindow(i[0]);return{element:i,isWindow:s,offset:i.offset()||{left:0,top:0},scrollLeft:i.scrollLeft(),scrollTop:i.scrollTop(),width:s?i.width():i.outerWidth(),height:s?i.height():i.outerHeight()}}},e.fn.position=function(t){if(!t||!t.of)return p.apply(this,arguments);t=e.extend({},t);var n,d,f,m,g,v=e(t.of),y=e.position.getWithinInfo(t.within),b=e.position.getScrollInfo(y),_=v[0],x=(t.collision||"flip").split(" "),k={};return 9===_.nodeType?(d=v.width(),f=v.height(),m={top:0,left:0}):e.isWindow(_)?(d=v.width(),f=v.height(),m={top:v.scrollTop(),left:v.scrollLeft()}):_.preventDefault?(t.at="left top",d=f=0,m={top:_.pageY,left:_.pageX}):(d=v.outerWidth(),f=v.outerHeight(),m=v.offset()),g=e.extend({},m),e.each(["my","at"],function(){var e,i,s=(t[this]||"").split(" ");1===s.length&&(s=h.test(s[0])?s.concat(["center"]):l.test(s[0])?["center"].concat(s):["center","center"]),s[0]=h.test(s[0])?s[0]:"center",s[1]=l.test(s[1])?s[1]:"center",e=u.exec(s[0]),i=u.exec(s[1]),k[this]=[e?e[0]:0,i?i[0]:0],t[this]=[c.exec(s[0])[0],c.exec(s[1])[0]]}),1===x.length&&(x[1]=x[0]),"right"===t.at[0]?g.left+=d:"center"===t.at[0]&&(g.left+=d/2),"bottom"===t.at[1]?g.top+=f:"center"===t.at[1]&&(g.top+=f/2),n=i(k.at,d,f),g.left+=n[0],g.top+=n[1],this.each(function(){var h,l,u=e(this),c=u.outerWidth(),p=u.outerHeight(),_=s(this,"marginLeft"),w=s(this,"marginTop"),T=c+_+s(this,"marginRight")+b.width,D=p+w+s(this,"marginBottom")+b.height,S=e.extend({},g),M=i(k.my,u.outerWidth(),u.outerHeight());"right"===t.my[0]?S.left-=c:"center"===t.my[0]&&(S.left-=c/2),"bottom"===t.my[1]?S.top-=p:"center"===t.my[1]&&(S.top-=p/2),S.left+=M[0],S.top+=M[1],e.support.offsetFractions||(S.left=r(S.left),S.top=r(S.top)),h={marginLeft:_,marginTop:w},e.each(["left","top"],function(i,s){e.ui.position[x[i]]&&e.ui.position[x[i]][s](S,{targetWidth:d,targetHeight:f,elemWidth:c,elemHeight:p,collisionPosition:h,collisionWidth:T,collisionHeight:D,offset:[n[0]+M[0],n[1]+M[1]],my:t.my,at:t.at,within:y,elem:u})}),e.fn.bgiframe&&u.bgiframe(),t.using&&(l=function(e){var i=m.left-S.left,s=i+d-c,n=m.top-S.top,r=n+f-p,h={target:{element:v,left:m.left,top:m.top,width:d,height:f},element:{element:u,left:S.left,top:S.top,width:c,height:p},horizontal:0>s?"left":i>0?"right":"center",vertical:0>r?"top":n>0?"bottom":"middle"};c>d&&d>o(i+s)&&(h.horizontal="center"),p>f&&f>o(n+r)&&(h.vertical="middle"),h.important=a(o(i),o(s))>a(o(n),o(r))?"horizontal":"vertical",t.using.call(this,e,h)}),u.offset(e.extend(S,{using:l}))})},e.ui.position={fit:{left:function(e,t){var i,s=t.within,n=s.isWindow?s.scrollLeft:s.offset.left,o=s.width,r=e.left-t.collisionPosition.marginLeft,h=n-r,l=r+t.collisionWidth-o-n;t.collisionWidth>o?h>0&&0>=l?(i=e.left+h+t.collisionWidth-o-n,e.left+=h-i):e.left=l>0&&0>=h?n:h>l?n+o-t.collisionWidth:n:h>0?e.left+=h:l>0?e.left-=l:e.left=a(e.left-r,e.left)},top:function(e,t){var i,s=t.within,n=s.isWindow?s.scrollTop:s.offset.top,o=t.within.height,r=e.top-t.collisionPosition.marginTop,h=n-r,l=r+t.collisionHeight-o-n;t.collisionHeight>o?h>0&&0>=l?(i=e.top+h+t.collisionHeight-o-n,e.top+=h-i):e.top=l>0&&0>=h?n:h>l?n+o-t.collisionHeight:n:h>0?e.top+=h:l>0?e.top-=l:e.top=a(e.top-r,e.top)}},flip:{left:function(e,t){var i,s,n=t.within,a=n.offset.left+n.scrollLeft,r=n.width,h=n.isWindow?n.scrollLeft:n.offset.left,l=e.left-t.collisionPosition.marginLeft,u=l-h,c=l+t.collisionWidth-r-h,d="left"===t.my[0]?-t.elemWidth:"right"===t.my[0]?t.elemWidth:0,p="left"===t.at[0]?t.targetWidth:"right"===t.at[0]?-t.targetWidth:0,f=-2*t.offset[0];0>u?(i=e.left+d+p+f+t.collisionWidth-r-a,(0>i||o(u)>i)&&(e.left+=d+p+f)):c>0&&(s=e.left-t.collisionPosition.marginLeft+d+p+f-h,(s>0||c>o(s))&&(e.left+=d+p+f))},top:function(e,t){var i,s,n=t.within,a=n.offset.top+n.scrollTop,r=n.height,h=n.isWindow?n.scrollTop:n.offset.top,l=e.top-t.collisionPosition.marginTop,u=l-h,c=l+t.collisionHeight-r-h,d="top"===t.my[1],p=d?-t.elemHeight:"bottom"===t.my[1]?t.elemHeight:0,f="top"===t.at[1]?t.targetHeight:"bottom"===t.at[1]?-t.targetHeight:0,m=-2*t.offset[1];0>u?(s=e.top+p+f+m+t.collisionHeight-r-a,e.top+p+f+m>u&&(0>s||o(u)>s)&&(e.top+=p+f+m)):c>0&&(i=e.top-t.collisionPosition.marginTop+p+f+m-h,e.top+p+f+m>c&&(i>0||c>o(i))&&(e.top+=p+f+m))}},flipfit:{left:function(){e.ui.position.flip.left.apply(this,arguments),e.ui.position.fit.left.apply(this,arguments)},top:function(){e.ui.position.flip.top.apply(this,arguments),e.ui.position.fit.top.apply(this,arguments)}}},function(){var t,i,s,n,a,o=document.getElementsByTagName("body")[0],r=document.createElement("div");t=document.createElement(o?"div":"body"),s={visibility:"hidden",width:0,height:0,border:0,margin:0,background:"none"},o&&e.extend(s,{position:"absolute",left:"-1000px",top:"-1000px"});for(a in s)t.style[a]=s[a];t.appendChild(r),i=o||document.documentElement,i.insertBefore(t,i.firstChild),r.style.cssText="position: absolute; left: 10.7432222px;",n=e(r).offset().left,e.support.offsetFractions=n>10&&11>n,t.innerHTML="",i.removeChild(t)}(),e.uiBackCompat!==!1&&function(e){var i=e.fn.position;e.fn.position=function(s){if(!s||!s.offset)return i.call(this,s);var n=s.offset.split(" "),a=s.at.split(" ");return 1===n.length&&(n[1]=n[0]),/^\d/.test(n[0])&&(n[0]="+"+n[0]),/^\d/.test(n[1])&&(n[1]="+"+n[1]),1===a.length&&(/left|center|right/.test(a[0])?a[1]="center":(a[1]=a[0],a[0]="center")),i.call(this,e.extend(s,{at:a[0]+n[0]+" "+a[1]+n[1],offset:t}))}}(jQuery)})(jQuery);(function(e){var t=0;e.widget("ui.autocomplete",{version:"1.9.2",defaultElement:"<input>",options:{appendTo:"body",autoFocus:!1,delay:300,minLength:1,position:{my:"left top",at:"left bottom",collision:"none"},source:null,change:null,close:null,focus:null,open:null,response:null,search:null,select:null},pending:0,_create:function(){var t,i,s;this.isMultiLine=this._isMultiLine(),this.valueMethod=this.element[this.element.is("input,textarea")?"val":"text"],this.isNewMenu=!0,this.element.addClass("ui-autocomplete-input").attr("autocomplete","off"),this._on(this.element,{keydown:function(n){if(this.element.prop("readOnly"))return t=!0,s=!0,i=!0,undefined;t=!1,s=!1,i=!1;var a=e.ui.keyCode;switch(n.keyCode){case a.PAGE_UP:t=!0,this._move("previousPage",n);break;case a.PAGE_DOWN:t=!0,this._move("nextPage",n);break;case a.UP:t=!0,this._keyEvent("previous",n);break;case a.DOWN:t=!0,this._keyEvent("next",n);break;case a.ENTER:case a.NUMPAD_ENTER:this.menu.active&&(t=!0,n.preventDefault(),this.menu.select(n));break;case a.TAB:this.menu.active&&this.menu.select(n);break;case a.ESCAPE:this.menu.element.is(":visible")&&(this._value(this.term),this.close(n),n.preventDefault());break;default:i=!0,this._searchTimeout(n)}},keypress:function(s){if(t)return t=!1,s.preventDefault(),undefined;if(!i){var n=e.ui.keyCode;switch(s.keyCode){case n.PAGE_UP:this._move("previousPage",s);break;case n.PAGE_DOWN:this._move("nextPage",s);break;case n.UP:this._keyEvent("previous",s);break;case n.DOWN:this._keyEvent("next",s)}}},input:function(e){return s?(s=!1,e.preventDefault(),undefined):(this._searchTimeout(e),undefined)},focus:function(){this.selectedItem=null,this.previous=this._value()},blur:function(e){return this.cancelBlur?(delete this.cancelBlur,undefined):(clearTimeout(this.searching),this.close(e),this._change(e),undefined)}}),this._initSource(),this.menu=e("<ul>").addClass("ui-autocomplete").appendTo(this.document.find(this.options.appendTo||"body")[0]).menu({input:e(),role:null}).zIndex(this.element.zIndex()+1).hide().data("menu"),this._on(this.menu.element,{mousedown:function(t){t.preventDefault(),this.cancelBlur=!0,this._delay(function(){delete this.cancelBlur});var i=this.menu.element[0];e(t.target).closest(".ui-menu-item").length||this._delay(function(){var t=this;this.document.one("mousedown",function(s){s.target===t.element[0]||s.target===i||e.contains(i,s.target)||t.close()})})},menufocus:function(t,i){if(this.isNewMenu&&(this.isNewMenu=!1,t.originalEvent&&/^mouse/.test(t.originalEvent.type)))return this.menu.blur(),this.document.one("mousemove",function(){e(t.target).trigger(t.originalEvent)}),undefined;var s=i.item.data("ui-autocomplete-item")||i.item.data("item.autocomplete");!1!==this._trigger("focus",t,{item:s})?t.originalEvent&&/^key/.test(t.originalEvent.type)&&this._value(s.value):this.liveRegion.text(s.value)},menuselect:function(e,t){var i=t.item.data("ui-autocomplete-item")||t.item.data("item.autocomplete"),s=this.previous;this.element[0]!==this.document[0].activeElement&&(this.element.focus(),this.previous=s,this._delay(function(){this.previous=s,this.selectedItem=i})),!1!==this._trigger("select",e,{item:i})&&this._value(i.value),this.term=this._value(),this.close(e),this.selectedItem=i}}),this.liveRegion=e("<span>",{role:"status","aria-live":"polite"}).addClass("ui-helper-hidden-accessible").insertAfter(this.element),e.fn.bgiframe&&this.menu.element.bgiframe(),this._on(this.window,{beforeunload:function(){this.element.removeAttr("autocomplete")}})},_destroy:function(){clearTimeout(this.searching),this.element.removeClass("ui-autocomplete-input").removeAttr("autocomplete"),this.menu.element.remove(),this.liveRegion.remove()},_setOption:function(e,t){this._super(e,t),"source"===e&&this._initSource(),"appendTo"===e&&this.menu.element.appendTo(this.document.find(t||"body")[0]),"disabled"===e&&t&&this.xhr&&this.xhr.abort()},_isMultiLine:function(){return this.element.is("textarea")?!0:this.element.is("input")?!1:this.element.prop("isContentEditable")},_initSource:function(){var t,i,s=this;e.isArray(this.options.source)?(t=this.options.source,this.source=function(i,s){s(e.ui.autocomplete.filter(t,i.term))}):"string"==typeof this.options.source?(i=this.options.source,this.source=function(t,n){s.xhr&&s.xhr.abort(),s.xhr=e.ajax({url:i,data:t,dataType:"json",success:function(e){n(e)},error:function(){n([])}})}):this.source=this.options.source},_searchTimeout:function(e){clearTimeout(this.searching),this.searching=this._delay(function(){this.term!==this._value()&&(this.selectedItem=null,this.search(null,e))},this.options.delay)},search:function(e,t){return e=null!=e?e:this._value(),this.term=this._value(),e.length<this.options.minLength?this.close(t):this._trigger("search",t)!==!1?this._search(e):undefined},_search:function(e){this.pending++,this.element.addClass("ui-autocomplete-loading"),this.cancelSearch=!1,this.source({term:e},this._response())},_response:function(){var e=this,i=++t;return function(s){i===t&&e.__response(s),e.pending--,e.pending||e.element.removeClass("ui-autocomplete-loading")}},__response:function(e){e&&(e=this._normalize(e)),this._trigger("response",null,{content:e}),!this.options.disabled&&e&&e.length&&!this.cancelSearch?(this._suggest(e),this._trigger("open")):this._close()},close:function(e){this.cancelSearch=!0,this._close(e)},_close:function(e){this.menu.element.is(":visible")&&(this.menu.element.hide(),this.menu.blur(),this.isNewMenu=!0,this._trigger("close",e))},_change:function(e){this.previous!==this._value()&&this._trigger("change",e,{item:this.selectedItem})},_normalize:function(t){return t.length&&t[0].label&&t[0].value?t:e.map(t,function(t){return"string"==typeof t?{label:t,value:t}:e.extend({label:t.label||t.value,value:t.value||t.label},t)})},_suggest:function(t){var i=this.menu.element.empty().zIndex(this.element.zIndex()+1);this._renderMenu(i,t),this.menu.refresh(),i.show(),this._resizeMenu(),i.position(e.extend({of:this.element},this.options.position)),this.options.autoFocus&&this.menu.next()},_resizeMenu:function(){var e=this.menu.element;e.outerWidth(Math.max(e.width("").outerWidth()+1,this.element.outerWidth()))},_renderMenu:function(t,i){var s=this;e.each(i,function(e,i){s._renderItemData(t,i)})},_renderItemData:function(e,t){return this._renderItem(e,t).data("ui-autocomplete-item",t)},_renderItem:function(t,i){return e("<li>").append(e("<a>").text(i.label)).appendTo(t)},_move:function(e,t){return this.menu.element.is(":visible")?this.menu.isFirstItem()&&/^previous/.test(e)||this.menu.isLastItem()&&/^next/.test(e)?(this._value(this.term),this.menu.blur(),undefined):(this.menu[e](t),undefined):(this.search(null,t),undefined)},widget:function(){return this.menu.element},_value:function(){return this.valueMethod.apply(this.element,arguments)},_keyEvent:function(e,t){(!this.isMultiLine||this.menu.element.is(":visible"))&&(this._move(e,t),t.preventDefault())}}),e.extend(e.ui.autocomplete,{escapeRegex:function(e){return e.replace(/[\-\[\]{}()*+?.,\\\^$|#\s]/g,"\\$&")},filter:function(t,i){var s=RegExp(e.ui.autocomplete.escapeRegex(i),"i");return e.grep(t,function(e){return s.test(e.label||e.value||e)})}}),e.widget("ui.autocomplete",e.ui.autocomplete,{options:{messages:{noResults:"No search results.",results:function(e){return e+(e>1?" results are":" result is")+" available, use up and down arrow keys to navigate."}}},__response:function(e){var t;this._superApply(arguments),this.options.disabled||this.cancelSearch||(t=e&&e.length?this.options.messages.results(e.length):this.options.messages.noResults,this.liveRegion.text(t))}})})(jQuery);(function(e){var t=!1;e.widget("ui.menu",{version:"1.9.2",defaultElement:"<ul>",delay:300,options:{icons:{submenu:"ui-icon-carat-1-e"},menus:"ul",position:{my:"left top",at:"right top"},role:"menu",blur:null,focus:null,select:null},_create:function(){this.activeMenu=this.element,this.element.uniqueId().addClass("ui-menu ui-widget ui-widget-content ui-corner-all").toggleClass("ui-menu-icons",!!this.element.find(".ui-icon").length).attr({role:this.options.role,tabIndex:0}).bind("click"+this.eventNamespace,e.proxy(function(e){this.options.disabled&&e.preventDefault()},this)),this.options.disabled&&this.element.addClass("ui-state-disabled").attr("aria-disabled","true"),this._on({"mousedown .ui-menu-item > a":function(e){e.preventDefault()},"click .ui-state-disabled > a":function(e){e.preventDefault()},"click .ui-menu-item:has(a)":function(i){var s=e(i.target).closest(".ui-menu-item");!t&&s.not(".ui-state-disabled").length&&(t=!0,this.select(i),s.has(".ui-menu").length?this.expand(i):this.element.is(":focus")||(this.element.trigger("focus",[!0]),this.active&&1===this.active.parents(".ui-menu").length&&clearTimeout(this.timer)))},"mouseenter .ui-menu-item":function(t){var i=e(t.currentTarget);i.siblings().children(".ui-state-active").removeClass("ui-state-active"),this.focus(t,i)},mouseleave:"collapseAll","mouseleave .ui-menu":"collapseAll",focus:function(e,t){var i=this.active||this.element.children(".ui-menu-item").eq(0);t||this.focus(e,i)},blur:function(t){this._delay(function(){e.contains(this.element[0],this.document[0].activeElement)||this.collapseAll(t)})},keydown:"_keydown"}),this.refresh(),this._on(this.document,{click:function(i){e(i.target).closest(".ui-menu").length||this.collapseAll(i),t=!1}})},_destroy:function(){this.element.removeAttr("aria-activedescendant").find(".ui-menu").andSelf().removeClass("ui-menu ui-widget ui-widget-content ui-corner-all ui-menu-icons").removeAttr("role").removeAttr("tabIndex").removeAttr("aria-labelledby").removeAttr("aria-expanded").removeAttr("aria-hidden").removeAttr("aria-disabled").removeUniqueId().show(),this.element.find(".ui-menu-item").removeClass("ui-menu-item").removeAttr("role").removeAttr("aria-disabled").children("a").removeUniqueId().removeClass("ui-corner-all ui-state-hover").removeAttr("tabIndex").removeAttr("role").removeAttr("aria-haspopup").children().each(function(){var t=e(this);t.data("ui-menu-submenu-carat")&&t.remove()}),this.element.find(".ui-menu-divider").removeClass("ui-menu-divider ui-widget-content")},_keydown:function(t){function i(e){return e.replace(/[\-\[\]{}()*+?.,\\\^$|#\s]/g,"\\$&")}var s,n,a,o,r,h=!0;switch(t.keyCode){case e.ui.keyCode.PAGE_UP:this.previousPage(t);break;case e.ui.keyCode.PAGE_DOWN:this.nextPage(t);break;case e.ui.keyCode.HOME:this._move("first","first",t);break;case e.ui.keyCode.END:this._move("last","last",t);break;case e.ui.keyCode.UP:this.previous(t);break;case e.ui.keyCode.DOWN:this.next(t);break;case e.ui.keyCode.LEFT:this.collapse(t);break;case e.ui.keyCode.RIGHT:this.active&&!this.active.is(".ui-state-disabled")&&this.expand(t);break;case e.ui.keyCode.ENTER:case e.ui.keyCode.SPACE:this._activate(t);break;case e.ui.keyCode.ESCAPE:this.collapse(t);break;default:h=!1,n=this.previousFilter||"",a=String.fromCharCode(t.keyCode),o=!1,clearTimeout(this.filterTimer),a===n?o=!0:a=n+a,r=RegExp("^"+i(a),"i"),s=this.activeMenu.children(".ui-menu-item").filter(function(){return r.test(e(this).children("a").text())}),s=o&&-1!==s.index(this.active.next())?this.active.nextAll(".ui-menu-item"):s,s.length||(a=String.fromCharCode(t.keyCode),r=RegExp("^"+i(a),"i"),s=this.activeMenu.children(".ui-menu-item").filter(function(){return r.test(e(this).children("a").text())})),s.length?(this.focus(t,s),s.length>1?(this.previousFilter=a,this.filterTimer=this._delay(function(){delete this.previousFilter},1e3)):delete this.previousFilter):delete this.previousFilter}h&&t.preventDefault()},_activate:function(e){this.active.is(".ui-state-disabled")||(this.active.children("a[aria-haspopup='true']").length?this.expand(e):this.select(e))},refresh:function(){var t,i=this.options.icons.submenu,s=this.element.find(this.options.menus);s.filter(":not(.ui-menu)").addClass("ui-menu ui-widget ui-widget-content ui-corner-all").hide().attr({role:this.options.role,"aria-hidden":"true","aria-expanded":"false"}).each(function(){var t=e(this),s=t.prev("a"),n=e("<span>").addClass("ui-menu-icon ui-icon "+i).data("ui-menu-submenu-carat",!0);s.attr("aria-haspopup","true").prepend(n),t.attr("aria-labelledby",s.attr("id"))}),t=s.add(this.element),t.children(":not(.ui-menu-item):has(a)").addClass("ui-menu-item").attr("role","presentation").children("a").uniqueId().addClass("ui-corner-all").attr({tabIndex:-1,role:this._itemRole()}),t.children(":not(.ui-menu-item)").each(function(){var t=e(this);/[^\-—–\s]/.test(t.text())||t.addClass("ui-widget-content ui-menu-divider")}),t.children(".ui-state-disabled").attr("aria-disabled","true"),this.active&&!e.contains(this.element[0],this.active[0])&&this.blur()},_itemRole:function(){return{menu:"menuitem",listbox:"option"}[this.options.role]},focus:function(e,t){var i,s;this.blur(e,e&&"focus"===e.type),this._scrollIntoView(t),this.active=t.first(),s=this.active.children("a").addClass("ui-state-focus"),this.options.role&&this.element.attr("aria-activedescendant",s.attr("id")),this.active.parent().closest(".ui-menu-item").children("a:first").addClass("ui-state-active"),e&&"keydown"===e.type?this._close():this.timer=this._delay(function(){this._close()},this.delay),i=t.children(".ui-menu"),i.length&&/^mouse/.test(e.type)&&this._startOpening(i),this.activeMenu=t.parent(),this._trigger("focus",e,{item:t})},_scrollIntoView:function(t){var i,s,n,a,o,r;this._hasScroll()&&(i=parseFloat(e.css(this.activeMenu[0],"borderTopWidth"))||0,s=parseFloat(e.css(this.activeMenu[0],"paddingTop"))||0,n=t.offset().top-this.activeMenu.offset().top-i-s,a=this.activeMenu.scrollTop(),o=this.activeMenu.height(),r=t.height(),0>n?this.activeMenu.scrollTop(a+n):n+r>o&&this.activeMenu.scrollTop(a+n-o+r))},blur:function(e,t){t||clearTimeout(this.timer),this.active&&(this.active.children("a").removeClass("ui-state-focus"),this.active=null,this._trigger("blur",e,{item:this.active}))},_startOpening:function(e){clearTimeout(this.timer),"true"===e.attr("aria-hidden")&&(this.timer=this._delay(function(){this._close(),this._open(e)},this.delay))},_open:function(t){var i=e.extend({of:this.active},this.options.position);clearTimeout(this.timer),this.element.find(".ui-menu").not(t.parents(".ui-menu")).hide().attr("aria-hidden","true"),t.show().removeAttr("aria-hidden").attr("aria-expanded","true").position(i)},collapseAll:function(t,i){clearTimeout(this.timer),this.timer=this._delay(function(){var s=i?this.element:e(t&&t.target).closest(this.element.find(".ui-menu"));s.length||(s=this.element),this._close(s),this.blur(t),this.activeMenu=s},this.delay)},_close:function(e){e||(e=this.active?this.active.parent():this.element),e.find(".ui-menu").hide().attr("aria-hidden","true").attr("aria-expanded","false").end().find("a.ui-state-active").removeClass("ui-state-active")},collapse:function(e){var t=this.active&&this.active.parent().closest(".ui-menu-item",this.element);t&&t.length&&(this._close(),this.focus(e,t))},expand:function(e){var t=this.active&&this.active.children(".ui-menu ").children(".ui-menu-item").first();t&&t.length&&(this._open(t.parent()),this._delay(function(){this.focus(e,t)}))},next:function(e){this._move("next","first",e)},previous:function(e){this._move("prev","last",e)},isFirstItem:function(){return this.active&&!this.active.prevAll(".ui-menu-item").length},isLastItem:function(){return this.active&&!this.active.nextAll(".ui-menu-item").length},_move:function(e,t,i){var s;this.active&&(s="first"===e||"last"===e?this.active["first"===e?"prevAll":"nextAll"](".ui-menu-item").eq(-1):this.active[e+"All"](".ui-menu-item").eq(0)),s&&s.length&&this.active||(s=this.activeMenu.children(".ui-menu-item")[t]()),this.focus(i,s)},nextPage:function(t){var i,s,n;return this.active?(this.isLastItem()||(this._hasScroll()?(s=this.active.offset().top,n=this.element.height(),this.active.nextAll(".ui-menu-item").each(function(){return i=e(this),0>i.offset().top-s-n}),this.focus(t,i)):this.focus(t,this.activeMenu.children(".ui-menu-item")[this.active?"last":"first"]())),undefined):(this.next(t),undefined)},previousPage:function(t){var i,s,n;return this.active?(this.isFirstItem()||(this._hasScroll()?(s=this.active.offset().top,n=this.element.height(),this.active.prevAll(".ui-menu-item").each(function(){return i=e(this),i.offset().top-s+n>0}),this.focus(t,i)):this.focus(t,this.activeMenu.children(".ui-menu-item").first())),undefined):(this.next(t),undefined)},_hasScroll:function(){return this.element.outerHeight()<this.element.prop("scrollHeight")},select:function(t){this.active=this.active||e(t.target).closest(".ui-menu-item");var i={item:this.active};this.active.has(".ui-menu").length||this.collapseAll(t,!0),this._trigger("select",t,i)}})})(jQuery);
\ No newline at end of file
diff --git a/share/www/script/jquery.couch.js b/share/www/script/jquery.couch.js
index ffbad34303d..21b151e8774 100644
--- a/share/www/script/jquery.couch.js
+++ b/share/www/script/jquery.couch.js
@@ -734,6 +734,16 @@
          */
         copyDoc: function(docId, options, ajaxOptions) {
           ajaxOptions = $.extend(ajaxOptions, {
+            beforeSend: function(XMLHttpRequest) {
+              if (!options || !options.docid) {
+                  throw "Target docid required";
+              }
+              var header = options.docid;
+              if (options.rev) {
+                  header += '?rev=' + options.rev
+              }
+              XMLHttpRequest.setRequestHeader("Destination", header);
+            },
             complete: function(req) {
               var resp = $.parseJSON(req.responseText);
               if (req.status == 201) {
diff --git a/share/www/script/test/replication.js b/share/www/script/test/replication.js
index fd60dd41b9e..51e144ccb50 100644
--- a/share/www/script/test/replication.js
+++ b/share/www/script/test/replication.js
@@ -1455,16 +1455,23 @@ couchTests.replication = function(debug) {
   //
 
   // case 1) user triggering the replication is not a DB admin of the target DB
-  var joeUserDoc = CouchDB.prepareUserDoc({
-    name: "joe",
-    roles: ["erlanger"]
-  }, "erly");
   var usersDb = new CouchDB("test_suite_auth", {"X-Couch-Full-Commit":"false"});
+  var joeUserDoc = CouchDB.prepareUserDoc({ name: "joe" }, "erly");
   var server_config = [
     {
       section: "couch_httpd_auth",
       key: "authentication_db",
       value: usersDb.name
+    },
+    {
+      section: "couch_httpd_auth",
+      key: "iterations",
+      value: "1"
+    },
+    {
+      section: "admins",
+      key: "karl",
+      value: "secret"
     }
   ];
 
@@ -1520,6 +1527,8 @@ couchTests.replication = function(debug) {
       TEquals(docs.length, repResult.history[0].docs_read);
       TEquals((docs.length - 1), repResult.history[0].docs_written); // 1 ddoc
       TEquals(1, repResult.history[0].doc_write_failures);
+
+      TEquals(true, CouchDB.login("karl", "secret").ok);
     });
 
     for (j = 0; j < docs.length; j++) {
@@ -1587,6 +1596,8 @@ couchTests.replication = function(debug) {
       }
 
       TEquals(true, CouchDB.logout().ok);
+
+      TEquals(true, CouchDB.login("karl", "secret").ok);
     });
 
     for (j = 0; j < docs.length; j++) {
diff --git a/share/www/style/layout.css b/share/www/style/layout.css
index 54a183ac2ca..055e79128b9 100644
--- a/share/www/style/layout.css
+++ b/share/www/style/layout.css
@@ -246,6 +246,7 @@ body.fullwidth #wrap { margin-right: 0; }
 #toolbar button.run { background-image: url(../image/run.png); }
 #toolbar button.save { background-image: url(../image/save.png); }
 #toolbar button.share { background-image: url(../image/compact.png); }
+#toolbar button.copy { background-image: url(../image/copy.png); }
 
 /* Dialogs */
 
@@ -282,7 +283,9 @@ body.loading #dialog h2 {
   -webkit-border-bottom-right-radius: 7px;
 }
 #dialog p.help { color: #bbb; font-size: 95%; margin: 0 0 1em; }
+#dialog p.help-copy { margin-top: 1em; margin-bottom: 0; padding-left: 0.6em; }
 #dialog fieldset table { margin-top: 1em; }
+#dialog fieldset table.help-copy { margin-top: 0; }
 #dialog fieldset th, #dialog fieldset td { padding: .5em;
   vertical-align: top;
 }
diff --git a/src/Makefile.am b/src/Makefile.am
index c574c6e1798..a17674cc3b3 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -326,12 +326,14 @@ FAUXTON_FILES = \
     fauxton/assets/less/variables.less \
     fauxton/bin/grunt \
     fauxton/couchapp.js \
+    fauxton/extensions.md \
     fauxton/favicon.ico \
     fauxton/Gruntfile.js \
     fauxton/index.html \
     fauxton/package.json \
     fauxton/readme.md \
     fauxton/settings.json.default \
+    fauxton/settings.json.dev \
     fauxton/settings.json.sample_external \
     fauxton/tasks/addon/rename.json \
     fauxton/tasks/addon/root/base.js.underscore \
diff --git a/src/couch_replicator/src/couch_replicator_api_wrap.erl b/src/couch_replicator/src/couch_replicator_api_wrap.erl
index 3cf942d699f..94b22e96975 100644
--- a/src/couch_replicator/src/couch_replicator_api_wrap.erl
+++ b/src/couch_replicator/src/couch_replicator_api_wrap.erl
@@ -164,9 +164,7 @@ get_missing_revs(Db, IdRevs) ->
 open_doc_revs(#httpdb{retries = 0} = HttpDb, Id, Revs, Options, _Fun, _Acc) ->
     Path = encode_doc_id(Id),
     QS = options_to_query_args(HttpDb, Path, [revs, {open_revs, Revs} | Options]),
-    Url = couch_util:url_strip_password(
-        couch_replicator_httpc:full_url(HttpDb, [{path,Path}, {qs,QS}])
-    ),
+    Url = couch_replicator_httpc:full_url(HttpDb, [{path,Path}, {qs,QS}]),
     ?LOG_ERROR("Replication crashing because GET ~s failed", [Url]),
     exit(kaboom);
 open_doc_revs(#httpdb{} = HttpDb, Id, Revs, Options, Fun, Acc) ->
@@ -235,9 +233,7 @@ open_doc_revs(#httpdb{} = HttpDb, Id, Revs, Options, Fun, Acc) ->
                     open_doc_revs(HttpDb, Id, Revs, Options1, Fun, Acc)
             end;
         {'DOWN', Ref, process, Pid, Else} ->
-            Url = couch_util:url_strip_password(
-                couch_replicator_httpc:full_url(HttpDb, [{path,Path}, {qs,QS}])
-            ),
+            Url = couch_replicator_httpc:full_url(HttpDb, [{path,Path}, {qs,QS}]),
             #httpdb{retries = Retries, wait = Wait0} = HttpDb,
             Wait = 2 * erlang:min(Wait0 * 2, ?MAX_WAIT),
             ?LOG_INFO("Retrying GET to ~s in ~p seconds due to error ~p",
diff --git a/src/couch_replicator/src/couch_replicator_api_wrap.hrl b/src/couch_replicator/src/couch_replicator_api_wrap.hrl
index 1a6f27a0949..ac6b0642705 100644
--- a/src/couch_replicator/src/couch_replicator_api_wrap.hrl
+++ b/src/couch_replicator/src/couch_replicator_api_wrap.hrl
@@ -24,7 +24,10 @@
     retries = 10,
     wait = 250,         % milliseconds
     httpc_pool = nil,
-    http_connections
+    http_connections,
+    root_url,           % e.g. "http://example.com:5984/"
+    credentials         % ets table for storing the basic auth
+                        % credentials and the session cookie
 }).
 
 -record(oauth, {
diff --git a/src/couch_replicator/src/couch_replicator_httpc.erl b/src/couch_replicator/src/couch_replicator_httpc.erl
index b8fb31bcc4e..5ac13b11f74 100644
--- a/src/couch_replicator/src/couch_replicator_httpc.erl
+++ b/src/couch_replicator/src/couch_replicator_httpc.erl
@@ -30,8 +30,21 @@
 
 
 setup(#httpdb{httpc_pool = nil, url = Url, http_connections = MaxConns} = Db) ->
-    {ok, Pid} = couch_replicator_httpc_pool:start_link(Url, [{max_connections, MaxConns}]),
-    {ok, Db#httpdb{httpc_pool = Pid}}.
+    Url2 = couch_util:url_strip_credentials(Url),
+    RootUrl = couch_util:root_url(Url2),
+    {ok, Pid} = couch_replicator_httpc_pool:start_link(
+        Url2, [{max_connections, MaxConns}]),
+    case Url of
+    Url2 -> % there are no basic auth credentials included in Url
+        {ok, Db#httpdb{root_url = RootUrl, httpc_pool = Pid}};
+    _ ->
+        #url{username = Username, password = Password} =
+            ibrowse_lib:parse_url(Url),
+        Credentials = ets:new(credentials, [public, {read_concurrency, true}]),
+        ets:insert(Credentials, {basic_auth, {Username, Password}}),
+        {ok, #httpdb{url = Url2, root_url = RootUrl, httpc_pool = Pid,
+                     credentials = Credentials}}
+    end.
 
 
 send_req(HttpDb, Params1, Callback) ->
@@ -43,19 +56,30 @@ send_req(HttpDb, Params1, Callback) ->
     process_response(Response, Worker, HttpDb, Params, Callback).
 
 
-send_ibrowse_req(#httpdb{headers = BaseHeaders} = HttpDb, Params) ->
+send_ibrowse_req(HttpDb, Params) ->
+    {ok, Worker} = case get_value(path, Params) of
+    "_changes" -> ibrowse:spawn_link_worker_process(full_url(HttpDb, Params));
+    _ -> couch_replicator_httpc_pool:get_worker(HttpDb#httpdb.httpc_pool)
+    end,
+    send_ibrowse_req(HttpDb, Params, Worker).
+
+
+send_ibrowse_req(#httpdb{headers = Headers} = HttpDb, Params, Worker) ->
+    BaseHeaders = case HttpDb#httpdb.credentials of
+    undefined ->
+        Headers;
+    Credentials ->
+        case ets:lookup(Credentials, cookie) of
+        [] -> Headers;
+        [{cookie, Cookie, _}] -> [{"Cookie", Cookie} | Headers]
+        end
+    end,
     Method = get_value(method, Params, get),
     UserHeaders = lists:keysort(1, get_value(headers, Params, [])),
     Headers1 = lists:ukeymerge(1, UserHeaders, BaseHeaders),
     Headers2 = oauth_header(HttpDb, Params) ++ Headers1,
     Url = full_url(HttpDb, Params),
     Body = get_value(body, Params, []),
-    case get_value(path, Params) of
-    "_changes" ->
-        {ok, Worker} = ibrowse:spawn_link_worker_process(Url);
-    _ ->
-        {ok, Worker} = couch_replicator_httpc_pool:get_worker(HttpDb#httpdb.httpc_pool)
-    end,
     IbrowseOptions = [
         {response_format, binary}, {inactivity_timeout, HttpDb#httpdb.timeout} |
         lists:ukeymerge(1, get_value(ibrowse_options, Params, []),
@@ -78,7 +102,6 @@ process_response({ibrowse_req_id, ReqId}, Worker, HttpDb, Params, Callback) ->
     process_stream_response(ReqId, Worker, HttpDb, Params, Callback);
 
 process_response({ok, Code, Headers, Body}, Worker, HttpDb, Params, Callback) ->
-    release_worker(Worker, HttpDb),
     case list_to_integer(Code) of
     Ok when (Ok >= 200 andalso Ok < 300) ; (Ok >= 400 andalso Ok < 500) ->
         EJson = case Body of
@@ -87,10 +110,27 @@ process_response({ok, Code, Headers, Body}, Worker, HttpDb, Params, Callback) ->
         Json ->
             ?JSON_DECODE(Json)
         end,
-        Callback(Ok, Headers, EJson);
+        case Ok of
+        401 ->
+            case maybe_start_new_session(HttpDb, Worker) of
+            true ->
+                {Worker, Response} =
+                    send_ibrowse_req(HttpDb, Params, Worker),
+                process_response(Response, Worker, HttpDb, Params, Callback);
+            false ->
+                release_worker(Worker, HttpDb),
+                Callback(Ok, Headers, EJson)
+            end;
+        _ ->
+            release_worker(Worker, HttpDb),
+            maybe_set_session_cookie(HttpDb, Headers),
+            Callback(Ok, Headers, EJson)
+        end;
     R when R =:= 301 ; R =:= 302 ; R =:= 303 ->
+        release_worker(Worker, HttpDb),
         do_redirect(Worker, R, Headers, HttpDb, Params, Callback);
     Error ->
+        release_worker(Worker, HttpDb),
         maybe_retry({code, Error}, Worker, HttpDb, Params, Callback)
     end;
 
@@ -102,20 +142,20 @@ process_stream_response(ReqId, Worker, HttpDb, Params, Callback) ->
     receive
     {ibrowse_async_headers, ReqId, Code, Headers} ->
         case list_to_integer(Code) of
-        Ok when (Ok >= 200 andalso Ok < 300) ; (Ok >= 400 andalso Ok < 500) ->
-            StreamDataFun = fun() ->
-                stream_data_self(HttpDb, Params, Worker, ReqId, Callback)
-            end,
-            ibrowse:stream_next(ReqId),
-            try
-                Ret = Callback(Ok, Headers, StreamDataFun),
-                release_worker(Worker, HttpDb),
-                clean_mailbox_req(ReqId),
-                Ret
-            catch throw:{maybe_retry_req, Err} ->
+        401 ->
+            case maybe_start_new_session(HttpDb) of
+            true ->
                 clean_mailbox_req(ReqId),
-                maybe_retry(Err, Worker, HttpDb, Params, Callback)
+                {Worker, Response} = send_ibrowse_req(HttpDb, Params, Worker),
+                process_response(Response, Worker, HttpDb, Params, Callback);
+            false ->
+                process_stream_response_headers(
+                    ReqId, 401, Headers, Worker, HttpDb, Params, Callback)
             end;
+        Ok when (Ok >= 200 andalso Ok < 300) ; (Ok > 401 andalso Ok < 500) ->
+            maybe_set_session_cookie(HttpDb, Headers),
+            process_stream_response_headers(
+                ReqId, Ok, Headers, Worker, HttpDb, Params, Callback);
         R when R =:= 301 ; R =:= 302 ; R =:= 303 ->
             do_redirect(Worker, R, Headers, HttpDb, Params, Callback);
         Error ->
@@ -131,6 +171,90 @@ process_stream_response(ReqId, Worker, HttpDb, Params, Callback) ->
     end.
 
 
+process_stream_response_headers(ReqId, Code, Headers, Worker, HttpDb, Params, Callback) ->
+    StreamDataFun = fun() ->
+        stream_data_self(HttpDb, Params, Worker, ReqId, Callback)
+    end,
+    ibrowse:stream_next(ReqId),
+    try
+        Ret = Callback(Code, Headers, StreamDataFun),
+        release_worker(Worker, HttpDb),
+        clean_mailbox_req(ReqId),
+        Ret
+    catch throw:{maybe_retry_req, Err} ->
+        clean_mailbox_req(ReqId),
+        maybe_retry(Err, Worker, HttpDb, Params, Callback)
+    end.
+
+
+maybe_start_new_session(HttpDb) ->
+    case need_new_session(HttpDb) of
+    false -> false;
+    true -> start_new_session(HttpDb)
+    end.
+
+
+maybe_start_new_session(HttpDb, Worker) ->
+    case need_new_session(HttpDb) of
+    false -> false;
+    true -> start_new_session(HttpDb, Worker)
+    end.
+
+
+need_new_session(#httpdb{credentials = undefined}) ->
+    false;
+
+need_new_session(#httpdb{credentials = Credentials}) ->
+    case ets:lookup(Credentials, cookie) of
+    [] ->
+        true;
+    [{cookie, _, UpdatedAt}] ->
+        %% As we don't know when the cookie will expire, we just decide
+        %% that we want a new session if the current one is older than
+        %% one minute.
+        OneMinute = 60 * 1000000, % microseconds
+        timer:now_diff(os:timestamp(), UpdatedAt) > OneMinute
+    end.
+
+
+start_new_session(#httpdb{httpc_pool = Pool} = HttpDb) ->
+    {ok, Worker} = couch_replicator_httpc_pool:get_worker(Pool),
+    Result = start_new_session(HttpDb, Worker),
+    release_worker(Worker, HttpDb),
+    Result.
+
+
+start_new_session(#httpdb{credentials = Credentials} = HttpDb, Worker) ->
+    SessionUrl = HttpDb#httpdb.root_url ++ "_session",
+    {Username, Password} = ets:lookup_element(Credentials, basic_auth, 2),
+    JsonBody = ?JSON_ENCODE(
+        {[{name, ?l2b(Username)}, {password, ?l2b(Password)}]}),
+    Response = ibrowse:send_req_direct(Worker, SessionUrl,
+        [{"Content-Type", "application/json"}], post, JsonBody,
+        [{response_format, binary}], infinity),
+    Callback =
+        fun (401, _, _) -> false;
+            (200, Headers, _) -> maybe_set_session_cookie(HttpDb, Headers)
+        end,
+    process_response(Response, Worker, HttpDb, [], Callback).
+
+
+maybe_set_session_cookie(#httpdb{credentials = undefined}, _) ->
+    false;
+
+maybe_set_session_cookie(#httpdb{credentials = Credentials}, Headers) ->
+    case get_value("Set-Cookie", Headers) of
+    undefined ->
+        false;
+    Cookie ->
+        CookieProps = mochiweb_cookies:parse_cookie(Cookie),
+        case couch_util:get_value(?AUTH_SESSION_COOKIE_KEY, CookieProps) of
+        undefined -> false;
+        _ -> ets:insert(Credentials, {cookie, Cookie, os:timestamp()})
+        end
+    end.
+
+
 clean_mailbox_req(ReqId) ->
     receive
     {ibrowse_async_response, ReqId, _} ->
@@ -153,7 +277,7 @@ maybe_retry(Error, Worker, #httpdb{retries = Retries, wait = Wait} = HttpDb,
     Params, Cb) ->
     release_worker(Worker, HttpDb),
     Method = string:to_upper(atom_to_list(get_value(method, Params, get))),
-    Url = couch_util:url_strip_password(full_url(HttpDb, Params)),
+    Url = full_url(HttpDb, Params),
     ?LOG_INFO("Retrying ~s request to ~s in ~p seconds due to error ~s",
         [Method, Url, Wait / 1000, error_cause(Error)]),
     ok = timer:sleep(Wait),
@@ -163,7 +287,7 @@ maybe_retry(Error, Worker, #httpdb{retries = Retries, wait = Wait} = HttpDb,
 
 report_error(Worker, HttpDb, Params, Error) ->
     Method = string:to_upper(atom_to_list(get_value(method, Params, get))),
-    Url = couch_util:url_strip_password(full_url(HttpDb, Params)),
+    Url = full_url(HttpDb, Params),
     do_report_error(Url, Method, Error),
     release_worker(Worker, HttpDb),
     exit({http_request_failed, Method, Url, Error}).
diff --git a/src/couch_replicator/src/couch_replicator_manager.erl b/src/couch_replicator/src/couch_replicator_manager.erl
index 4891c4c4c4e..9cf52077d53 100644
--- a/src/couch_replicator/src/couch_replicator_manager.erl
+++ b/src/couch_replicator/src/couch_replicator_manager.erl
@@ -701,9 +701,6 @@ after_doc_read(#doc{body = {Body}} = Doc, #db{user_ctx=UserCtx} = Db) ->
 strip_credentials(undefined) ->
     undefined;
 strip_credentials(Url) when is_binary(Url) ->
-    re:replace(Url,
-        "http(s)?://(?:[^:]+):[^@]+@(.*)$",
-        "http\\1://\\2",
-        [{return, binary}]);
+    couch_util:url_strip_credentials(Url);
 strip_credentials({Props}) ->
     {lists:keydelete(<<"oauth">>, 1, Props)}.
diff --git a/src/couch_replicator/test/07-use-checkpoints.t b/src/couch_replicator/test/07-use-checkpoints.t
index cefc1a7e367..a3295c7a14a 100755
--- a/src/couch_replicator/test/07-use-checkpoints.t
+++ b/src/couch_replicator/test/07-use-checkpoints.t
@@ -94,6 +94,7 @@ test() ->
     couch_server_sup:start_link(test_util:config_files()),
     ibrowse:start(),
 
+    % order matters
     test_use_checkpoints(false),
     test_use_checkpoints(true),
 
@@ -122,7 +123,23 @@ test_use_checkpoints(UseCheckpoints) ->
         fun({finished, _, {CheckpointHistory}}) ->
             SessionId = lists:keyfind(
                 <<"session_id">>, 1, CheckpointHistory),
-            etap:isnt(SessionId, false, "There's a checkpoint");
+            case SessionId of
+                false ->
+                    OtpRel = erlang:system_info(otp_release),
+                    case OtpRel >= "R14B01" orelse OtpRel < "R14B03" of
+                        false ->
+                            etap:bail("Checkpoint expected, but not found");
+                        true ->
+                            etap:ok(true,
+                                " Checkpoint expected, but wan't found."
+                                " Your Erlang " ++ OtpRel ++ " version is"
+                                " affected to OTP-9167 issue which causes"
+                                " failure of this test. Try to upgrade Erlang"
+                                " and if this failure repeats file the bug.")
+                    end;
+                _ ->
+                    etap:ok(true, "There's a checkpoint")
+            end;
         (_) ->
             ok
         end
diff --git a/src/couchdb/couch_db.hrl b/src/couchdb/couch_db.hrl
index 6888f10da9b..11c3a3accfb 100644
--- a/src/couchdb/couch_db.hrl
+++ b/src/couchdb/couch_db.hrl
@@ -38,6 +38,8 @@
 
 -define(DEFAULT_ATTACHMENT_CONTENT_TYPE, <<"application/octet-stream">>).
 
+-define(AUTH_SESSION_COOKIE_KEY, "AuthSession").
+
 -define(LOG_DEBUG(Format, Args),
     case couch_log:debug_on(?MODULE) of
         true ->
diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index 7ee3e3accd8..3eb2e399095 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -39,11 +39,17 @@ start_link(http) ->
     start_link(?MODULE, [{port, Port}]);
 start_link(https) ->
     Port = couch_config:get("ssl", "port", "6984"),
+    {ok, Ciphers} = couch_util:parse_term(couch_config:get("ssl", "ciphers", "nil")),
+    {ok, Versions} = couch_util:parse_term(couch_config:get("ssl", "tls_versions", "nil")),
+    {ok, SecureRenegotiate} = couch_util:parse_term(couch_config:get("ssl", "secure_renegotiate", "nil")),
     ServerOpts0 =
         [{cacertfile, couch_config:get("ssl", "cacert_file", nil)},
          {keyfile, couch_config:get("ssl", "key_file", nil)},
          {certfile, couch_config:get("ssl", "cert_file", nil)},
-         {password, couch_config:get("ssl", "password", nil)}],
+         {password, couch_config:get("ssl", "password", nil)},
+         {secure_renegotiate, SecureRenegotiate},
+         {versions, Versions},
+         {ciphers, Ciphers}],
 
     case (couch_util:get_value(keyfile, ServerOpts0) == nil orelse
         couch_util:get_value(certfile, ServerOpts0) == nil) of
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 6888f06919d..d00c717ba15 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -160,7 +160,7 @@ proxy_auth_user(Req) ->
 
 
 cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
-    case MochiReq:get_cookie_value("AuthSession") of
+    case MochiReq:get_cookie_value(?AUTH_SESSION_COOKIE_KEY) of
     undefined -> Req;
     [] -> Req;
     Cookie ->
@@ -188,8 +188,12 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
                 FullSecret = <<Secret/binary, UserSalt/binary>>,
                 ExpectedHash = crypto:sha_mac(FullSecret, User ++ ":" ++ TimeStr),
                 Hash = ?l2b(HashStr),
-                Timeout = list_to_integer(
+                ConfiguredTimeout = list_to_integer(
                     couch_config:get("couch_httpd_auth", "timeout", "600")),
+                Timeout = case ConfiguredTimeout < 60 of
+                    true -> 60;
+                    false -> ConfiguredTimeout
+                end,
                 ?LOG_DEBUG("timeout ~p", [Timeout]),
                 case (catch erlang:list_to_integer(TimeStr, 16)) of
                     TimeStamp when CurrentTime < TimeStamp + Timeout ->
@@ -222,7 +226,7 @@ cookie_auth_header(#httpd{user_ctx=#user_ctx{name=User}, auth={Secret, true}}=Re
     % themselves.
     CookieHeader = couch_util:get_value("Set-Cookie", Headers, ""),
     Cookies = mochiweb_cookies:parse_cookie(CookieHeader),
-    AuthSession = couch_util:get_value("AuthSession", Cookies),
+    AuthSession = couch_util:get_value(?AUTH_SESSION_COOKIE_KEY, Cookies),
     if AuthSession == undefined ->
         TimeStamp = make_cookie_time(),
         [cookie_auth_cookie(Req, ?b2l(User), Secret, TimeStamp)];
@@ -234,7 +238,7 @@ cookie_auth_header(_Req, _Headers) -> [].
 cookie_auth_cookie(Req, User, Secret, TimeStamp) ->
     SessionData = User ++ ":" ++ erlang:integer_to_list(TimeStamp, 16),
     Hash = crypto:sha_mac(Secret, SessionData),
-    mochiweb_cookies:cookie("AuthSession",
+    mochiweb_cookies:cookie(?AUTH_SESSION_COOKIE_KEY,
         couch_util:encodeBase64Url(SessionData ++ ":" ++ ?b2l(Hash)),
         [{path, "/"}] ++ cookie_scheme(Req) ++ max_age()).
 
@@ -293,7 +297,7 @@ handle_session_req(#httpd{method='POST', mochi_req=MochiReq}=Req) ->
                 ]});
         _Else ->
             % clear the session
-            Cookie = mochiweb_cookies:cookie("AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req)),
+            Cookie = mochiweb_cookies:cookie(?AUTH_SESSION_COOKIE_KEY, "", [{path, "/"}] ++ cookie_scheme(Req)),
             {Code, Headers} = case couch_httpd:qs_value(Req, "fail", nil) of
                 nil ->
                     {401, [Cookie]};
@@ -329,7 +333,7 @@ handle_session_req(#httpd{method='GET', user_ctx=UserCtx}=Req) ->
     end;
 % logout by deleting the session
 handle_session_req(#httpd{method='DELETE'}=Req) ->
-    Cookie = mochiweb_cookies:cookie("AuthSession", "", [{path, "/"}] ++ cookie_scheme(Req)),
+    Cookie = mochiweb_cookies:cookie(?AUTH_SESSION_COOKIE_KEY, "", [{path, "/"}] ++ cookie_scheme(Req)),
     {Code, Headers} = case couch_httpd:qs_value(Req, "next", nil) of
         nil ->
             {200, [Cookie]};
@@ -345,8 +349,9 @@ maybe_value(Key, Else, Fun) ->
     [{Key, Fun(Else)}].
 
 maybe_upgrade_password_hash(UserName, Password, UserProps) ->
-    case couch_util:get_value(<<"password_scheme">>, UserProps, <<"simple">>) of
-    <<"simple">> ->
+    IsAdmin = lists:member(<<"_admin">>, couch_util:get_value(<<"roles">>, UserProps, [])),
+    case {IsAdmin, couch_util:get_value(<<"password_scheme">>, UserProps, <<"simple">>)} of
+    {false, <<"simple">>} ->
         DbName = ?l2b(couch_config:get("couch_httpd_auth", "authentication_db", "_users")),
         couch_util:with_db(DbName, fun(UserDb) ->
             UserProps2 = proplists:delete(<<"password_sha">>, UserProps),
diff --git a/src/couchdb/couch_passwords.erl b/src/couchdb/couch_passwords.erl
index bbf6d9ac3b1..9abf31b5c42 100644
--- a/src/couchdb/couch_passwords.erl
+++ b/src/couchdb/couch_passwords.erl
@@ -26,7 +26,9 @@ simple(Password, Salt) when is_binary(Password), is_binary(Salt) ->
     ?l2b(couch_util:to_hex(crypto:sha(<<Password/binary, Salt/binary>>))).
 
 %% CouchDB utility functions
--spec hash_admin_password(binary()) -> binary().
+-spec hash_admin_password(binary() | list()) -> binary().
+hash_admin_password(ClearPassword) when is_list(ClearPassword) ->
+    hash_admin_password(?l2b(ClearPassword));
 hash_admin_password(ClearPassword) when is_binary(ClearPassword) ->
     Iterations = couch_config:get("couch_httpd_auth", "iterations", "10000"),
     Salt = couch_uuids:random(),
diff --git a/src/couchdb/couch_util.erl b/src/couchdb/couch_util.erl
index 2509bef929f..0ab9b59b13f 100644
--- a/src/couchdb/couch_util.erl
+++ b/src/couchdb/couch_util.erl
@@ -25,7 +25,7 @@
 -export([get_value/2, get_value/3]).
 -export([md5/1, md5_init/0, md5_update/2, md5_final/1]).
 -export([reorder_results/2]).
--export([url_strip_password/1]).
+-export([root_url/1, url_strip_password/1, url_strip_credentials/1]).
 -export([encode_doc_id/1]).
 -export([with_db/2]).
 -export([rfc1123_date/0, rfc1123_date/1]).
@@ -416,12 +416,29 @@ reorder_results(Keys, SortedResults) ->
     KeyDict = dict:from_list(SortedResults),
     [dict:fetch(Key, KeyDict) || Key <- Keys].
 
+%% e.g. "https://foo.bar:6984/foo/bar?baz=42" -> "https://foo.bar:6984/"
+root_url(Url) ->
+    re:replace(Url,
+        "http(s)?://([^/]+).*$",
+        "http\\1://\\2/",
+        [{return, list}]).
+
 url_strip_password(Url) ->
     re:replace(Url,
         "http(s)?://([^:]+):[^@]+@(.*)$",
         "http\\1://\\2:*****@\\3",
         [{return, list}]).
 
+url_strip_credentials(Url) ->
+    Options = case is_list(Url) of
+    true -> [{return, list}];
+    false when is_binary(Url) -> [{return, binary}]
+    end,
+    re:replace(Url,
+        "http(s)?://(?:[^:]+):[^@]+@(.*)$",
+        "http\\1://\\2",
+        Options).
+
 encode_doc_id(#doc{id = Id}) ->
     encode_doc_id(Id);
 encode_doc_id(Id) when is_list(Id) ->
diff --git a/src/fauxton/app/addons/auth/templates/nav_dropdown.html b/src/fauxton/app/addons/auth/templates/nav_dropdown.html
index d61c24a8825..983b5f7f323 100644
--- a/src/fauxton/app/addons/auth/templates/nav_dropdown.html
+++ b/src/fauxton/app/addons/auth/templates/nav_dropdown.html
@@ -14,7 +14,7 @@
 
 <div id="sidenav">
 <header class="row-fluid">
-  <h3> <%= user.name %> </h3>
+  <h3> <%- user.name %> </h3>
 </header>
 <nav>
 <ul class="nav nav-list">
diff --git a/src/fauxton/app/addons/auth/templates/nav_link_title.html b/src/fauxton/app/addons/auth/templates/nav_link_title.html
index 863955cb34a..20f40a7d4ab 100644
--- a/src/fauxton/app/addons/auth/templates/nav_link_title.html
+++ b/src/fauxton/app/addons/auth/templates/nav_link_title.html
@@ -20,7 +20,7 @@
 <% } else if (user) { %>
   <a  href="#changePassword" >
   	<span class="fonticon-user fonticon"></span> 
-  	<%= user.name %> 
+  	<%- user.name %>
 	</a>
 <% } else { %>
   <a  href="#login" >  
diff --git a/src/fauxton/app/addons/config/templates/item.html b/src/fauxton/app/addons/config/templates/item.html
index 8af9a50ed6e..f5fd73ec7a1 100644
--- a/src/fauxton/app/addons/config/templates/item.html
+++ b/src/fauxton/app/addons/config/templates/item.html
@@ -13,13 +13,13 @@
 -->
 
 <% if (option.index === 0) {%>
-<th> <%= option.section %> </th>
+<th> <%- option.section %> </th>
 <% } else { %>
 <td></td>
 <% } %>
 <td class="js-edit-value"> 
   <div class="js-show-value">
-    <%= option.name %>
+    <%- option.name %>
   </div>
   <div class="js-edit-value-form js-hidden">
     <input class="js-value-input" type="text" name="name" value="<%- option.name %>" />
@@ -29,7 +29,7 @@
 </td>
 <td class="js-edit-value">
   <div class="js-show-value">
-    <%= option.value %>
+    <%- option.value %>
   </div>
   <div class="js-edit-value-form js-hidden">
     <input class="js-value-input" type="text" name="value" value="<%- option.value %>" />
diff --git a/src/fauxton/app/addons/documents/templates/changes.html b/src/fauxton/app/addons/documents/templates/changes.html
index 5978e839e0b..d038361c8d6 100644
--- a/src/fauxton/app/addons/documents/templates/changes.html
+++ b/src/fauxton/app/addons/documents/templates/changes.html
@@ -36,7 +36,7 @@
           <% if (change.deleted) { %>
             <%= change.id %>
           <% } else { %>
-            <a href="#<%= database.url('app') %>/<%= safeURL(change.id) %>"><%= change.id %></a>
+            <a href="#<%- database.url('app') %>/<%- safeURL(change.id) %>"><%= change.id %></a>
           <% } %>    </div>
         <div class="span2 text-right">
           <a class="js-copy" data-clipboard-text="<%= change.id %>" data-bypass="true" href="#">
diff --git a/src/fauxton/app/addons/documents/templates/ddoc_info.html b/src/fauxton/app/addons/documents/templates/ddoc_info.html
index ed0aed6a7b3..b33e49b1a99 100644
--- a/src/fauxton/app/addons/documents/templates/ddoc_info.html
+++ b/src/fauxton/app/addons/documents/templates/ddoc_info.html
@@ -18,7 +18,7 @@ <h2> Design Doc MetaData </h2>
 		<% if(i%2==0){%>
 			<div class="row-fluid">
 		<% }; %>
-	    <div class="span6 well-item"><strong> <%= key %></strong> : <%= val %>  </div>
+	    <div class="span6 well-item"><strong> <%- key %></strong> : <%- val %>  </div>
 	    <% if(i%2==1){%>
 			</div>
 		<% }; %>
diff --git a/src/fauxton/app/addons/documents/templates/delete_database_modal.html b/src/fauxton/app/addons/documents/templates/delete_database_modal.html
index 7ea3bc47e61..2b5448cbde6 100644
--- a/src/fauxton/app/addons/documents/templates/delete_database_modal.html
+++ b/src/fauxton/app/addons/documents/templates/delete_database_modal.html
@@ -20,7 +20,7 @@ <h3>Delete Database</h3>
   <div class="modal-body">
     <form id="delete-db-check" class="form" method="post">
       <p>
-      You've asked to <b>permanently delete</b> <code><%= database.id %></code>.
+      You've asked to <b>permanently delete</b> <code><%- database.id %></code>.
       Please enter the database name below to confirm the deletion of the
       database and all documents and attachments within.
       </p>
diff --git a/src/fauxton/app/addons/documents/templates/design_doc_selector.html b/src/fauxton/app/addons/documents/templates/design_doc_selector.html
index 7bbe310211d..b8f8b3f4b01 100644
--- a/src/fauxton/app/addons/documents/templates/design_doc_selector.html
+++ b/src/fauxton/app/addons/documents/templates/design_doc_selector.html
@@ -12,15 +12,15 @@
 the License.
 -->
 <div class="span3">
-  <label for="ddoc">Save to Design Document <a href="<%=getDocUrl('design_doc')%>" target="_blank"><i class="icon-question-sign"></i></a></label>
+  <label for="ddoc">Save to Design Document <a href="<%-getDocUrl('design_doc')%>" target="_blank"><i class="icon-question-sign"></i></a></label>
   <select id="ddoc">
     <optgroup label="Select a document">
       <option value="new-doc">New document</option>
       <% ddocs.each(function(ddoc) { %>
       <% if (ddoc.id === ddocName) { %>
-      <option selected="selected" value="<%= ddoc.id %>"><%= ddoc.id %></option>
+      <option selected="selected" value="<%- ddoc.id %>"><%- ddoc.id %></option>
       <% } else { %>
-      <option value="<%= ddoc.id %>"><%= ddoc.id %></option>
+      <option value="<%- ddoc.id %>"><%- ddoc.id %></option>
       <% } %>
       <% }); %>
     </optgroup>
diff --git a/src/fauxton/app/addons/documents/templates/doc.html b/src/fauxton/app/addons/documents/templates/doc.html
index 94338680a81..e9a46cfec00 100644
--- a/src/fauxton/app/addons/documents/templates/doc.html
+++ b/src/fauxton/app/addons/documents/templates/doc.html
@@ -31,8 +31,8 @@
       <ul class="dropdown-menu">
         <%_.each(attachments, function (att) { %>
         <li>
-        <a href="<%= att.url %>" target="_blank"> <strong> <%= att.fileName %> </strong> -
-          <span> <%= att.contentType %>, <%= formatSize(att.size)%> </span>
+        <a href="<%- att.url %>" target="_blank"> <strong> <%- att.fileName %> </strong> -
+          <span> <%- att.contentType %>, <%- formatSize(att.size)%> </span>
         </a>
         </li>
         <% }) %>
diff --git a/src/fauxton/app/addons/fauxton/templates/api_bar.html b/src/fauxton/app/addons/fauxton/templates/api_bar.html
index 4fb597172ea..8b614231113 100644
--- a/src/fauxton/app/addons/fauxton/templates/api_bar.html
+++ b/src/fauxton/app/addons/fauxton/templates/api_bar.html
@@ -20,11 +20,11 @@
     <div class="input-prepend input-append">
       <span class="add-on">
         API reference
-        <a href="<%=getDocUrl(documentation)%>" target="_blank">
+        <a href="<%-getDocUrl(documentation)%>" target="_blank">
           <i class="icon-question-sign"></i>
         </a>
       </span>
-      <input type="text" class="input-xxlarge" value="<%= endpoint %>">
-      <a href="<%= endpoint %>" target="_blank" class="btn">Show me</a>
+      <input type="text" class="input-xxlarge" value="<%- endpoint %>">
+      <a href="<%- endpoint %>" target="_blank" class="btn">Show me</a>
     </div>
 </div>
diff --git a/src/fauxton/app/addons/fauxton/templates/breadcrumbs.html b/src/fauxton/app/addons/fauxton/templates/breadcrumbs.html
index 026db89fb4e..18961b7bed3 100644
--- a/src/fauxton/app/addons/fauxton/templates/breadcrumbs.html
+++ b/src/fauxton/app/addons/fauxton/templates/breadcrumbs.html
@@ -15,10 +15,10 @@
 <ul class="breadcrumb">
   <% _.each(_.initial(crumbs), function(crumb) { %>
     <li>
-      <a href="#<%= crumb.link %>"><%= crumb.name %></a>
+      <a href="#<%- crumb.link %>"><%- crumb.name %></a>
       <span class="divider fonticon fonticon-carrot"> </span>
     </li>
   <% }); %>
   <% var last = _.last(crumbs) || {name: ''} %>
-  <li class="active"><%= last.name %></li>
+  <li class="active"><%- last.name %></li>
 </ul>
diff --git a/src/fauxton/app/addons/fauxton/templates/footer.html b/src/fauxton/app/addons/fauxton/templates/footer.html
index 593c11f38cd..591b5a80fc2 100644
--- a/src/fauxton/app/addons/fauxton/templates/footer.html
+++ b/src/fauxton/app/addons/fauxton/templates/footer.html
@@ -12,4 +12,4 @@
 the License.
 -->
 
-<p>Fauxton on <a href="http://couchdb.apache.org/">Apache CouchDB</a> <%=version%></p>
+<p>Fauxton on <a href="http://couchdb.apache.org/">Apache CouchDB</a> <%-version%></p>
diff --git a/src/fauxton/app/addons/fauxton/templates/nav_bar.html b/src/fauxton/app/addons/fauxton/templates/nav_bar.html
index 9ba24f4abc1..75641118127 100644
--- a/src/fauxton/app/addons/fauxton/templates/nav_bar.html
+++ b/src/fauxton/app/addons/fauxton/templates/nav_bar.html
@@ -25,10 +25,10 @@
   <ul id="nav-links" class="nav pull-right">
     <% _.each(navLinks, function(link) { %>
     <% if (link.view) {return;}  %>
-        <li data-nav-name= "<%= link.title %>" >
-          <a href="<%= link.href %>">
-            <i class="<%= link.icon %> fonticon"></i>
-            <%= link.title %>
+        <li data-nav-name= "<%- link.title %>" >
+          <a href="<%- link.href %>">
+            <i class="<%- link.icon %> fonticon"></i>
+            <%- link.title %>
           </a>
         </li>
     <% }); %>
@@ -38,7 +38,7 @@
 
     <ul id="bottom-nav-links" class="nav">
         <li data-nav-name= "Documentation">
-            <a href="<%=getDocUrl('docs')%>" target="_blank">
+            <a href="<%-getDocUrl('docs')%>" target="_blank">
               <i class="fonticon-bookmark fonticon"></i>
                 Documentation
             </a>
@@ -47,10 +47,10 @@
 
       <% _.each(bottomNavLinks, function(link) { %>
       <% if (link.view) {return;}  %>
-        <li data-nav-name= "<%= link.title %>">
-            <a href="<%= link.href %>">
-              <i class="<%= link.icon %> fonticon"></i>
-              <%= link.title %>
+        <li data-nav-name= "<%- link.title %>">
+            <a href="<%- link.href %>">
+              <i class="<%- link.icon %> fonticon"></i>
+              <%- link.title %>
             </a>
         </li>
       <% }); %>
@@ -59,10 +59,10 @@
     <ul id="footer-nav-links" class="nav">
       <% _.each(footerNavLinks, function(link) { %>
       <% if (link.view) {return;}  %>
-        <li data-nav-name= "<%= link.title %>">
-            <a href="<%= link.href %>">
-              <i class="<%= link.icon %> fonticon"></i>
-              <%= link.title %>
+        <li data-nav-name= "<%- link.title %>">
+            <a href="<%- link.href %>">
+              <i class="<%- link.icon %> fonticon"></i>
+              <%- link.title %>
             </a>
         </li>
       <% }); %>
diff --git a/src/fauxton/app/addons/fauxton/templates/notification.html b/src/fauxton/app/addons/fauxton/templates/notification.html
index ca8a9033aa4..1cf121b29a7 100644
--- a/src/fauxton/app/addons/fauxton/templates/notification.html
+++ b/src/fauxton/app/addons/fauxton/templates/notification.html
@@ -12,7 +12,7 @@
 the License.
 -->
 
-<div class="alert alert-<%= type %>">
+<div class="alert alert-<%- type %>">
   <button type="button" class="close" data-dismiss="alert">×</button>
-  <%= msg %>
+  <%- msg %>
 </div>
diff --git a/src/fauxton/app/addons/fauxton/templates/pagination.html b/src/fauxton/app/addons/fauxton/templates/pagination.html
index 19dfc8cfd22..0674c225abd 100644
--- a/src/fauxton/app/addons/fauxton/templates/pagination.html
+++ b/src/fauxton/app/addons/fauxton/templates/pagination.html
@@ -15,17 +15,17 @@
 <div class="pagination pagination-centered">
   <ul>
     <% if (page > 1) { %>
-    <li> <a href="<%= urlFun(page-1) %>">&laquo;</a></li>
+    <li> <a href="<%- urlFun(page-1) %>">&laquo;</a></li>
     <% } else { %>
-      <li class="disabled"> <a href="<%= urlFun(page) %>">&laquo;</a></li>
+      <li class="disabled"> <a href="<%- urlFun(page) %>">&laquo;</a></li>
     <% } %>
     <% _.each(_.range(1, totalPages+1), function(i) { %>
-      <li <% if (page == i) { %>class="active"<% } %>> <a href="<%= urlFun(i) %>"><%= i %></a></li>
+      <li <% if (page == i) { %>class="active"<% } %>> <a href="<%- urlFun(i) %>"><%- i %></a></li>
     <% }) %>
     <% if (page < totalPages) { %>
-      <li><a href="<%= urlFun(page+1) %>">&raquo;</a></li>
+      <li><a href="<%- urlFun(page+1) %>">&raquo;</a></li>
     <% } else { %>
-      <li class="disabled"> <a href="<%= urlFun(page) %>">&raquo;</a></li>
+      <li class="disabled"> <a href="<%- urlFun(page) %>">&raquo;</a></li>
     <% } %>
   </ul>
 </div>
diff --git a/src/fauxton/app/addons/permissions/templates/section.html b/src/fauxton/app/addons/permissions/templates/section.html
index 0459562b16a..fe228f5ff1f 100644
--- a/src/fauxton/app/addons/permissions/templates/section.html
+++ b/src/fauxton/app/addons/permissions/templates/section.html
@@ -13,7 +13,7 @@
 -->
 <header class="page-header">
 <h3> <%= (section) %> </h3>
-<p class="help"> <%= help %> <a href="<%=getDocUrl('database_permission')%>" target="_blank"><i class="icon-question-sign"> </i> </a></p>
+<p class="help"> <%= help %> <a href="<%-getDocUrl('database_permission')%>" target="_blank"><i class="icon-question-sign"> </i> </a></p>
 </header>
 
 <div class="row-fluid">
diff --git a/src/fauxton/app/addons/replication/templates/form.html b/src/fauxton/app/addons/replication/templates/form.html
index 32a87dca3b2..342a4fd9a31 100644
--- a/src/fauxton/app/addons/replication/templates/form.html
+++ b/src/fauxton/app/addons/replication/templates/form.html
@@ -63,7 +63,7 @@
 
 			<label for="createTarget">
 				<input type="checkbox" name="create_target" value="true" id="createTarget">
-				Create Target <a href="<%=getDocUrl('replication_doc')%>" target="_blank"><i class="icon-question-sign" rel="tooltip" title="Create the target database"></i></a>
+				Create Target <a href="<%-getDocUrl('replication_doc')%>" target="_blank"><i class="icon-question-sign" rel="tooltip" title="Create the target database"></i></a>
 			</label>
 		</div>
 
diff --git a/src/fauxton/app/addons/replication/templates/progress.html b/src/fauxton/app/addons/replication/templates/progress.html
index 1e6ef9018a2..ea9d6c31160 100644
--- a/src/fauxton/app/addons/replication/templates/progress.html
+++ b/src/fauxton/app/addons/replication/templates/progress.html
@@ -11,12 +11,12 @@
 License for the specific language governing permissions and limitations under
 the License.
 -->
-<p class="span6 break">Replicating <strong><%=source%></strong> to <strong><%=target%></strong></p>
+<p class="span6 break">Replicating <strong><%-source%></strong> to <strong><%-target%></strong></p>
 
 <div class="span4 progress progress-striped active">
   <div class="bar" style="width: <%=progress || 0%>%;"><%=progress || "0"%>%</div>
 </div>
 
 <span class="span1">
-	<button class="cancel btn btn-danger btn-large delete" data-source="<%=source%>"  data-rep-id="<%=repid%>" data-continuous="<%=continuous%>" data-target="<%=target%>">Cancel</a>
+	<button class="cancel btn btn-danger btn-large delete" data-source="<%-source%>"  data-rep-id="<%-repid%>" data-continuous="<%-continuous%>" data-target="<%-target%>">Cancel</a>
 </span>
diff --git a/test/etap/200-view-group-no-db-leaks.t b/test/etap/200-view-group-no-db-leaks.t
index b711ac85302..9583d098433 100755
--- a/test/etap/200-view-group-no-db-leaks.t
+++ b/test/etap/200-view-group-no-db-leaks.t
@@ -212,6 +212,7 @@ get_db_ref_counter() ->
 check_db_ref_count() ->
     {ok, #db{fd_ref_counter = Ref} = Db} = couch_db:open_int(test_db_name(), []),
     ok = couch_db:close(Db),
+    timer:sleep(200),  % sleep a bit to prevent race condition
     etap:is(couch_ref_counter:count(Ref), 2,
         "DB ref counter is only held by couch_db and couch_db_updater"),
     ok.
diff --git a/test/etap/231-cors.t b/test/etap/231-cors.t
index dd08ca847d1..2f420d1c437 100644
--- a/test/etap/231-cors.t
+++ b/test/etap/231-cors.t
@@ -32,7 +32,7 @@ server() ->
 main(_) ->
     test_util:init_code_path(),
 
-    etap:plan(28),
+    etap:plan(29),
     case (catch test()) of
         ok ->
             etap:end_tests();
@@ -58,10 +58,6 @@ cycle_db(DbName) ->
     Db.
 
 test() ->
-
-    ibrowse:start(),
-    crypto:start(),
-
     %% launch couchdb
     couch_server_sup:start_link(test_util:config_files()),
 
@@ -91,6 +87,7 @@ test() ->
     test_db1_origin_request(),
     test_preflight_with_port1(),
     test_preflight_with_scheme1(),
+    test_if_none_match_header(),
 
     ok = couch_config:set("cors", "origins", "http://example.com:5984", false),
     test_preflight_with_port2(),
@@ -136,7 +133,7 @@ test() ->
     % test multiple per-host configuration
 
     %% do tests with auth
-    ok = set_admin_password("test", "test"),
+    ok = set_admin_password("test", <<"test">>),
 
     test_db_preflight_auth_request(),
     test_db_origin_auth_request(),
diff --git a/test/etap/Makefile.am b/test/etap/Makefile.am
index 66048a9b6f8..c9778ca6ecf 100644
--- a/test/etap/Makefile.am
+++ b/test/etap/Makefile.am
@@ -50,6 +50,7 @@ tap_files = \
     041-uuid-gen-utc.ini \
     041-uuid-gen.t \
     042-work-queue.t \
+    043-find-in-binary.t \
     050-stream.t \
     060-kt-merging.t \
     061-kt-missing-leaves.t \