Staff should be able to masquerade when previewing content.

Exposing absolute/CDN image URLs via Course API

ECOM-4013

asadiqbal08/WL-389: Update ubcpi XBlock version

Fix broken import due to merging oauth changes to master

Add finished() metric for login and registration.

making the accordion template escape by default

Merge oauth release into master via intermediary branch

Fix certificate exception view.

Custom icons for SSO providers

Call New Relic's finished() event marker to measure when the login and
registration pages actually become usable. This is important because the
pageLoad event can be distorted by analytics and marketing tools that
trigger after the page looks complete to the user.

Note: The "xfinished" PageAction is there to work around a New Relic bug
where "finished" events weren't making it into Insights. The reason we
have both is because finished() *does* still show up in session traces.

[PERF-298]

Deprecating REST APIs per DOC-2101, DOC-2653. Also adding the -W shpinx-build option per DOC-2530.

- Icon images can be uploaded from the django admin
- Test coverage improved

Enable next/prev button across sections

XSS Safe by default: dashboard, header, footer, navigation, help_modal

Update developer links to point directly to Confluence pages

ECOM-3194 Create the listing page of Programs (x-series) which learners have enrolled in

make sure email from addresses don't exceed 320 characters (TNL-4264)

introducing django-oauth-toolkit and public client refresh tokens

mattdrayer/update-xblock-dependency: Bump to 0.4.7

Verify student template safety

Read ELASTIC_SEARCH_CONFIG setting from the cms.env.json file

clean up and fix quality violations

since get_course can never return None, we can remove these lines