@Inverle Inverle commented Sep 19, 2025

* Improvements
	* The user is now notified that the extension must be enabled for the configuration view to work properly (due to JS).
* Security
	* Captcha configuration now requires reauthenticating in FreshRSS to protect the secret key
	* Register form wasn't correctly protected because the extension wasn't protecting the POST action, only displaying the captcha widget
	* Fixed potential captcha bypass due to checking for `POST_TO_GET` parameter in the session
	* Use slightly stronger CSP on login and register pages
* Bug fixes
	* Fixed wrong quote in CSP: `"` instead of `'`
	* Client IP is now taken from `X-Real-IP` instead of `X-Forwarded-For`, since the latter could contain multiple comma-separated IPs
* Refactor
	* `data-auto-leave-validation` is now being used in the configure view instead of `data-leave-validation`
	* `data-toggle` attributes were removed from the configure view, since they aren't needed anymore as of v1.27.1
	* Other minor changes

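The client-IP bullet above (X-Forwarded-For can carry several comma-separated addresses, so the PR reads X-Real-IP instead) as an added, stand-alone example. This is illustrative Python written for this page, not the extension's PHP or any FreshRSS code; the header names are the real de-facto ones, while the `trusted_proxies` list, the function names and the sample addresses are assumptions for the demonstration.

```python
"""Added example: deriving one validated client IP behind a reverse proxy.

Illustrative code, not the extension's own. X-Real-IP and X-Forwarded-For are
the real header names; the trusted-proxy list is an assumed deployment detail.
"""
import ipaddress
from typing import Mapping, Optional, Sequence


def parse_ip(value: str) -> Optional[str]:
    """Return the canonical text form of ONE IP literal, or None if it is not one.

    A raw X-Forwarded-For such as "203.0.113.7, 10.0.0.5" fails here, which is
    exactly why it cannot be handed to a captcha verifier as the client IP.
    """
    try:
        return str(ipaddress.ip_address(value.strip()))
    except ValueError:
        return None


def naive_client_ip(remote_addr: str, headers: Mapping[str, str]) -> str:
    """The pre-fix behaviour: blindly prefer X-Forwarded-For, whole and unparsed."""
    return headers.get("X-Forwarded-For", remote_addr)


def client_ip(remote_addr: str,
              headers: Mapping[str, str],
              trusted_proxies: Sequence[str] = ()) -> str:
    """Return a single validated client IP.

    - Forwarding headers are only believed when the TCP peer (remote_addr) is a
      proxy we operate; otherwise any client can set them to whatever it likes.
    - X-Real-IP is preferred when the proxy sets it (the PR's choice).
    - X-Forwarded-For is a comma-separated chain; walk it right to left and
      skip our own proxies, because the leftmost entries are client-supplied.
    """
    own = parse_ip(remote_addr)
    if own is None:
        raise ValueError(f"remote_addr is not an IP literal: {remote_addr!r}")
    nets = [ipaddress.ip_network(n, strict=False) for n in trusted_proxies]

    def trusted(ip: str) -> bool:
        return any(ipaddress.ip_address(ip) in net for net in nets)

    if not trusted(own):
        return own                       # direct connection: headers are untrusted

    hdr = {k.lower(): v for k, v in headers.items()}   # header names are case-insensitive

    real = parse_ip(hdr.get("x-real-ip", ""))
    if real is not None:
        return real

    for hop in reversed(hdr.get("x-forwarded-for", "").split(",")):
        ip = parse_ip(hop)
        if ip is None:
            break                        # malformed chain: trust nothing to its left
        if not trusted(ip):
            return ip                    # first address not appended by our proxies
    return own
```

The design point a practitioner should take from the PR's change: X-Real-IP is only as trustworthy as the reverse proxy that sets it. If the proxy does not overwrite it on every request, it is client-supplied just like X-Forwarded-For, which is why the example refuses to read either header unless the peer address is one of the operator's own proxies.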
@Inverle Inverle force-pushed the captcha-bugfixes branch 2 times, most recently from ea4d4d2 to 351f861 on September 19, 2025 23:01
@Alkarex Alkarex merged commit 83b812d into FreshRSS:master Sep 20, 2025
1 check passed
@Inverle Inverle deleted the captcha-bugfixes branch September 20, 2025 16:31