LGTM: ignore insecure-cookie when unsetting the cookie.
As long as we're exposing the admin console on a non-HTTPS endpoint (our port 9090), we will have a need to set cookies on an unsecure endpoint. This raises (rightfully) the LGTM 'insecure-cookie' alert, as Insecure cookies may be sent in cleartext, which makes them vulnerable to interception.
However, LGTM also raises this alert when we remove the cookie (which we do by setting an immediately-expired cookie with no data). The alert can be suppressed for that one.
OF-2411: Prevent deadlock in XmlProperties OF-2377 introduced an updated implementation of the thread-safety module of XmlProperties (the old one wasn't fully thread-safe).
This new implementation causes a very specific problem at startup: When the initial attempt to migrate an XmlProperty is undertaken, TaskEngine is instantiated, which in turn tries to read/write properties (while under lock). This causes a deadlock.
To work around this issue, this commit replaces the usage of TaskEngine with a throw-away thread (that does not use any properties).
OF-2412: Handle secure XML property migration synchronously
When Openfire starts, all XML properties are migrated to the database. This currently is performed in an asynchronous process. This seems to open the door for a race condition. As the amount of properties involved is unlikely to be very high, switching to a synchronous process seems to offer more predictability.