Bug 953426: expose remote content per-host privileges. r=mconley, sr=neil ui-r=bwinton a=standard8
authorMagnus Melin <mkmelin+mozilla@iki.fi>
Mon, 28 Apr 2014 13:30:27 +0300
changeset 16124 45cc03b40060d5d5aa8f8bd3c20082e1e709d723
parent 16123 ec82de81c636d3d76a61194fefd88e27e5c7b90b
child 16125 af30e12503ab60017b490d09d4108696e77cb2fd
push id10084
push usermkmelin@iki.fi
push dateMon, 28 Apr 2014 10:32:05 +0000
treeherdercomm-central@af30e12503ab [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersmconley, neil, bwinton, standard8
bugs953426
Bug 953426: expose remote content per-host privileges. r=mconley, sr=neil ui-r=bwinton a=standard8 Borrow firefox icons: convert -extract 32x32+128+0 +repage mozilla/browser/themes/linux/preferences/Options.png mail/themes/linux/mail/preferences/privacy.png convert -extract 32x32+128+0 +repage mozilla/browser/themes/windows/preferences/Options.png mail/themes/windows/mail/preferences/privacy.png convert -extract 32x32+128+0 +repage mozilla/browser/themes/windows/preferences/Options-aero.png mail/themes/windows/mail/preferences/privacy-aero.png convert -extract 32x32+128+0 +repage mozilla/browser/themes/osx/preferences/Options.png /tmp/osx-privacy.png convert -adjoin mail/themes/osx/mail/preferences/mail-options.png /tmp/osx-privacy.png +append mail/themes/osx/mail/preferences/mail-options.png convert -adjoin mail/themes/osx/mail/preferences/mail-options@2x.png /tmp/osx-privacy@2x.png +append mail/themes/osx/mail/preferences/mail-options@2x.png
mail/base/content/mailWindowOverlay.js
mail/base/content/mailWindowOverlay.xul
mail/base/content/msgHdrViewOverlay.js
mail/components/preferences/jar.mn
mail/components/preferences/permissions.js
mail/components/preferences/preferences.xul
mail/components/preferences/privacy.js
mail/components/preferences/privacy.xul
mail/components/preferences/security.js
mail/components/preferences/security.xul
mail/locales/en-US/chrome/messenger/messenger.dtd
mail/locales/en-US/chrome/messenger/messenger.properties
mail/locales/en-US/chrome/messenger/preferences/permissions.dtd
mail/locales/en-US/chrome/messenger/preferences/preferences.dtd
mail/locales/en-US/chrome/messenger/preferences/preferences.properties
mail/locales/en-US/chrome/messenger/preferences/privacy.dtd
mail/locales/en-US/chrome/messenger/preferences/security.dtd
mail/locales/jar.mn
mail/test/mozmill/content-policy/test-general-content-policy.js
mail/test/mozmill/pref-window/test-donottrack-prefs.js
mail/themes/linux/jar.mn
mail/themes/linux/mail/preferences/preferences.css
mail/themes/linux/mail/preferences/privacy.png
mail/themes/osx/mail/preferences/mail-options.png
mail/themes/osx/mail/preferences/mail-options@2x.png
mail/themes/osx/mail/preferences/preferences.css
mail/themes/windows/jar.mn
mail/themes/windows/mail/preferences/preferences.css
mail/themes/windows/mail/preferences/privacy-aero.png
mail/themes/windows/mail/preferences/privacy.png
mailnews/base/src/nsMsgContentPolicy.cpp
mailnews/extensions/bayesian-spam-filter/src/nsBayesianFilter.cpp
mailnews/mime/public/nsIMimeMiscStatus.idl
mailnews/mime/test/unit/test_attachment_size.js
mailnews/mime/test/unit/test_badContentType.js
mailnews/mime/test/unit/test_hidden_attachments.js
mailnews/mime/test/unit/test_message_attachment.js
mailnews/mime/test/unit/test_rfc822_body.js
--- a/mail/base/content/mailWindowOverlay.js
+++ b/mail/base/content/mailWindowOverlay.js
@@ -2885,17 +2885,17 @@ var gMessageNotificationBar =
         buttons);
     }
   },
 
   isShowingJunkNotification: function() {
     return !!this.msgNotificationBar.getNotificationWithValue("junkContent");
   },
 
-  setRemoteContentMsg: function(aMsgHdr)
+  setRemoteContentMsg: function(aMsgHdr, aContentURI)
   {
     // update the allow remote content for sender string
     let emailAddress = MailServices.headerParser.extractHeaderAddressMailboxes(aMsgHdr.author);
     var desc = document.getElementById("bundle_messenger")
                        .getFormattedString("alwaysLoadRemoteContentForSender2",
                                            [emailAddress ? emailAddress : aMsgHdr.author]);
     let displayName = MailServices.headerParser.extractHeaderAddressName(aMsgHdr.author);
     let brandName = this.brandBundle.getString("brandShortName");
@@ -2915,16 +2915,23 @@ var gMessageNotificationBar =
     }];
 
     if (!this.isShowingRemoteContentNotification()) {
       this.msgNotificationBar.appendNotification(remoteContentMsg, "remoteContent",
         "chrome://messenger/skin/icons/remote-blocked.png",
         this.msgNotificationBar.PRIORITY_WARNING_MEDIUM,
         buttons);
     }
+
+    // The popup value is a space separated list of all the blocked hosts.
+    let popup = document.getElementById("remoteContentOptions");
+    let hosts = popup.value ? popup.value.split(" ") : [];
+    if (hosts.indexOf(aContentURI.host) == -1)
+      hosts.push(aContentURI.host);
+    popup.value = hosts.join(" ");
   },
 
   isShowingRemoteContentNotification: function() {
     return !!this.msgNotificationBar.getNotificationWithValue("remoteContent");
   },
 
   setPhishingMsg: function()
   {
@@ -3101,16 +3108,74 @@ function allowRemoteContentForSender()
   }
 
   // Reload the message if we've updated the remote content policy for the sender.
   if (allowRemoteContent)
     ReloadMessage();
 }
 
 /**
+ * Populate the remote content options for the current message.
+ */
+function onRemoteContentOptionsShowing(aEvent) {
+  let hosts = aEvent.target.value ? aEvent.target.value.split(" ") : [];
+
+  let addresses = {};
+  MailServices.headerParser.parseHeadersWithArray(
+    gMessageDisplay.displayedMessage.author, addresses, {}, {});
+  let authorEmailAddress = addresses.value[0];
+  // Needs bug 457296 policy patch to actually work, but I don't want to
+  // keep this bug hostage for that, so just if-false it for now.
+  if (false && authorEmailAddress)
+    hosts.splice(0, 0, authorEmailAddress);
+
+  let messengerBundle = document.getElementById("bundle_messenger");
+
+  // Out with the old...
+  let childNodes = aEvent.target.childNodes;
+  for (let i = childNodes.length - 1; i >= 0; i--) {
+    if (childNodes[i].getAttribute("class") == "allow-remote-uri")
+      childNodes[i].remove();
+  }
+
+  // ... and in with the new.
+  for (let host of hosts) {
+    let uri = Services.io.newURI(
+      host.contains("@") ? "mailto:" + host : "http://" + host, null, null);
+
+    let menuitem = document.createElement("menuitem");
+    menuitem.setAttribute("label",
+      messengerBundle.getFormattedString("remoteAllow", [host]));
+    menuitem.setAttribute("value", uri.spec);
+    menuitem.setAttribute("class", "allow-remote-uri");
+    menuitem.setAttribute("oncommand", "allowRemoteContentForSite(this.value);");
+    aEvent.target.appendChild(menuitem);
+  }
+}
+
+/**
+ * Add privileges to display remote content for the given uri.
+ * @param aUriSpec |String| uri for the site to add permissions for.
+ */
+function allowRemoteContentForSite(aUriSpec) {
+  let uri = Services.io.newURI(aUriSpec, null, null);
+  Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
+  ReloadMessage();
+}
+
+/**
+ * Displays fine-grained, per-site preferences for remote content.
+ */
+function editRemoteContentSettings() {
+  openOptionsDialog("panePrivacy");
+  if(!Services.prefs.getBoolPref("browser.preferences.instantApply"))
+    ReloadMessage();
+}
+
+/**
  *  Set the msg hdr flag to ignore the phishing warning and reload the message.
  */
 function IgnorePhishingWarning()
 {
   // This property should really be called skipPhishingWarning or something
   // like that, but it's too late to change that now.
   // This property is used to supress the phishing bar for the message.
   setMsgHdrPropertyAndReload("notAPhishMessage", 1);
@@ -3238,16 +3303,19 @@ function OnMsgLoaded(aUrl)
     else // standalone msg window
     {
       MarkMessageAsRead(msgHdr);
     }
   }
 
   // See if MDN was requested but has not been sent.
   HandleMDNResponse(aUrl);
+
+  // Reset the blocked hosts so we can populate it again for this message.
+  document.getElementById("remoteContentOptions").value = "";
 }
 
 /**
  * This function handles all mdn response generation (ie, imap and pop).
  * For pop the msg uid can be 0 (ie, 1st msg in a local folder) so no
  * need to check uid here. No one seems to set mimeHeaders to null so
  * no need to check it either.
  */
--- a/mail/base/content/mailWindowOverlay.xul
+++ b/mail/base/content/mailWindowOverlay.xul
@@ -967,25 +967,37 @@
              onpopupshowing="onViewToolbarsPopupShowing(event, 'mail-toolbox');">
     <menuseparator id="customizeMailToolbarMenuSeparator"/>
     <menuitem id="CustomizeMailToolbar"
               command="cmd_CustomizeMailToolbar"
               label="&customizeToolbar.label;"
               accesskey="&customizeToolbar.accesskey;"/>
   </menupopup>
 
-  <menupopup id="remoteContentOptions">
+  <menupopup id="remoteContentOptions" value=""
+             onpopupshowing="onRemoteContentOptionsShowing(event);">
     <menuitem id="remoteContentOptionAllowForMsg"
               label="&remoteContentOptionsAllowForMsg.label;"
               accesskey="&remoteContentOptionsAllowForMsg.accesskey;"
               oncommand="LoadMsgWithRemoteContent();"/>
-    <menuitem id="remoteContentOptionAllowForAddress"
+    <menuseparator id="remoteContentSettingsMenuSeparator"/>
+    <menuitem id="editRemoteContentSettings"
+#ifdef XP_WIN
+              label="&editRemoteContentSettings.label;"
+              accesskey="&editRemoteContentSettings.accesskey;"
+#else
+              label="&editRemoteContentSettingsUnix.label;"
+              accesskey="&editRemoteContentSettingsUnix.accesskey;"
+#endif
+              oncommand="editRemoteContentSettings();"/>
+<!--    <menuitem id="remoteContentOptionAllowForAddress"
               label="&remoteContentOptionAllowForAddress.label;"
               accesskey="&remoteContentOptionAllowForAddress.accesskey;"
               oncommand="allowRemoteContentForSender();"/>
+-->
   </menupopup>
 
   <menupopup id="phishingOptions">
     <menuitem id="phishingOptionIgnore"
               label="&phishingOptionIgnore.label;"
               accesskey="&phishingOptionIgnore.accesskey;"
               oncommand="IgnorePhishingWarning();"/>
     <menuitem id="phishingOptionSettings"
--- a/mail/base/content/msgHdrViewOverlay.js
+++ b/mail/base/content/msgHdrViewOverlay.js
@@ -721,19 +721,19 @@ var messageHeaderSink = {
       OnMsgParsed(url);
     },
 
     onEndMsgHeaders: function(url)
     {
       OnMsgLoaded(url);
     },
 
-    onMsgHasRemoteContent: function(aMsgHdr)
+    onMsgHasRemoteContent: function(aMsgHdr, aContentURI)
     {
-      gMessageNotificationBar.setRemoteContentMsg(aMsgHdr);
+      gMessageNotificationBar.setRemoteContentMsg(aMsgHdr, aContentURI);
     },
 
     mSecurityInfo  : null,
     mSaveHdr: null,
     get securityInfo()
     {
       return this.mSecurityInfo;
     },
--- a/mail/components/preferences/jar.mn
+++ b/mail/components/preferences/jar.mn
@@ -12,16 +12,18 @@ messenger.jar:
 #endif
     content/messenger/preferences/display.xul
     content/messenger/preferences/display.js
     content/messenger/preferences/chat.xul
     content/messenger/preferences/chat.js
 *   content/messenger/preferences/colors.xul
     content/messenger/preferences/compose.xul
     content/messenger/preferences/compose.js
+    content/messenger/preferences/privacy.xul
+    content/messenger/preferences/privacy.js
 *   content/messenger/preferences/sendoptions.xul
     content/messenger/preferences/sendoptions.js
     content/messenger/preferences/security.xul
     content/messenger/preferences/security.js
 *   content/messenger/preferences/advanced.js
 *   content/messenger/preferences/advanced.xul
 *   content/messenger/preferences/receipts.xul
     content/messenger/preferences/connection.js
--- a/mail/components/preferences/permissions.js
+++ b/mail/components/preferences/permissions.js
@@ -67,20 +67,21 @@ var gPermissionManager = {
       break;
     }
     return this._bundle.getString(stringKey);
   },
 
   addPermission: function (aCapability)
   {
     var textbox = document.getElementById("url");
-    var host = textbox.value.replace(/^\s*([-\w]*:\/+)?/, ""); // trim any leading space and scheme
+    let scheme = textbox.value.contains("@") ? "mailto:" : "http://";
+    let host = textbox.value.replace(/^\s*([-\w]*:\/*)?/, ""); // trim any leading space and scheme
     try {
-      var uri = Services.io.newURI("http://" + host, null, null);
-      host = uri.host;
+      let uri = Services.io.newURI(scheme + host, null, null);
+      host = uri.spec.startsWith("mailto:") ? uri.spec : uri.host;
     } catch(ex) {
       var message = this._bundle.getString("invalidURI");
       var title = this._bundle.getString("invalidURITitle");
       Services.prompt.alert(window, title, message);
       return;
     }
 
     var capabilityString = this._getCapabilityString(aCapability);
@@ -94,17 +95,19 @@ var gPermissionManager = {
         // update the listbox for us.
         exists = this._permissions[i].perm == aCapability;
         break;
       }
     }
 
     if (!exists) {
       host = host.startsWith(".") ? host.substr(1) : host;
-      let uri = Services.io.newURI("http://" + host, null, null);
+      // For mailto: uris permissions are keyed off the address.
+      host = host.replace(/^mailto:/, "");
+      let uri = Services.io.newURI(scheme + host, null, null);
       Services.perms.add(uri, this._type, aCapability);
     }
     textbox.value = "";
     textbox.focus();
 
     // covers a case where the site exists already, so the buttons don't disable
     this.onHostInput(textbox);
 
--- a/mail/components/preferences/preferences.xul
+++ b/mail/components/preferences/preferences.xul
@@ -61,15 +61,17 @@
   <prefpane id="paneGeneral" label="&paneGeneral.title;"
             src="chrome://messenger/content/preferences/general.xul"/>
   <prefpane id="paneDisplay" label="&paneDisplay.title;"
             src="chrome://messenger/content/preferences/display.xul"/>
   <prefpane id="paneCompose" label="&paneComposition.title;"
             src="chrome://messenger/content/preferences/compose.xul"/>
   <prefpane id="paneChat" label="&paneChat.title;"
             src="chrome://messenger/content/preferences/chat.xul"/>
+  <prefpane id="panePrivacy" label="&panePrivacy.title;"
+            src="chrome://messenger/content/preferences/privacy.xul"/>
   <prefpane id="paneSecurity" label="&paneSecurity.title;"
             src="chrome://messenger/content/preferences/security.xul"/>
   <prefpane id="paneApplications" label="&paneAttachments.title;"
             src="chrome://messenger/content/preferences/applications.xul"/>
   <prefpane id="paneAdvanced" label="&paneAdvanced.title;"
             src="chrome://messenger/content/preferences/advanced.xul"/>
 </prefwindow>
new file mode 100644
--- /dev/null
+++ b/mail/components/preferences/privacy.js
@@ -0,0 +1,181 @@
+/* -*- Mode: JavaScript; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*-
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+let gPrivacyPane = {
+
+  init: function() {},
+
+  /**
+   * Reload the current message after a preference affecting the view
+   * has been changed and we are in instantApply mode.
+   */
+  reloadMessageInOpener: function()
+  {
+    if (Services.prefs.getBoolPref("browser.preferences.instantApply") &&
+        window.opener && typeof(window.opener.ReloadMessage) == "function")
+      window.opener.ReloadMessage();
+  },
+
+  /**
+   * Reads the network.cookie.cookieBehavior preference value and
+   * enables/disables the rest of the cookie UI accordingly, returning true
+   * if cookies are enabled.
+   */
+  readAcceptCookies: function()
+  {
+    let pref = document.getElementById("network.cookie.cookieBehavior");
+    let acceptThirdPartyLabel = document.getElementById("acceptThirdPartyLabel");
+    let acceptThirdPartyMenu = document.getElementById("acceptThirdPartyMenu");
+    let keepUntil = document.getElementById("keepUntil");
+    let menu = document.getElementById("keepCookiesUntil");
+
+    // enable the rest of the UI for anything other than "disable all cookies"
+    let acceptCookies = (pref.value != 2);
+
+    acceptThirdPartyLabel.disabled = acceptThirdPartyMenu.disabled = !acceptCookies;
+    keepUntil.disabled = menu.disabled = !acceptCookies;
+
+    return acceptCookies;
+  },
+
+  /**
+   * Enables/disables the "keep until" label and menulist in response to the
+   * "accept cookies" checkbox being checked or unchecked.
+   * @return 0 if cookies are accepted, 2 if they are not;
+   *         the value network.cookie.cookieBehavior should get
+   */
+  writeAcceptCookies: function()
+  {
+    let accept = document.getElementById("acceptCookies");
+    let acceptThirdPartyMenu = document.getElementById("acceptThirdPartyMenu");
+    // if we're enabling cookies, automatically select 'accept third party always'
+    if (accept.checked)
+      acceptThirdPartyMenu.selectedIndex = 0;
+
+    return accept.checked ? 0 : 2;
+  },
+
+  /**
+   * Displays fine-grained, per-site preferences for cookies.
+   */
+  showCookieExceptions: function()
+  {
+    let bundle = document.getElementById("bundlePreferences");
+    let params = { blockVisible   : true,
+                   sessionVisible : true,
+                   allowVisible   : true,
+                   prefilledHost  : "",
+                   permissionType : "cookie",
+                   windowTitle    : bundle.getString("cookiepermissionstitle"),
+                   introText      : bundle.getString("cookiepermissionstext") };
+    document.documentElement.openWindow("mailnews:permissions",
+                        "chrome://messenger/content/preferences/permissions.xul",
+                        "", params);
+  },
+
+  /**
+   * Displays all the user's cookies in a dialog.
+   */
+  showCookies: function(aCategory)
+  {
+    document.documentElement.openWindow("mailnews:cookies",
+      "chrome://messenger/content/preferences/cookies.xul", "", null);
+  },
+
+  /**
+   * Converts between network.cookie.cookieBehavior and the third-party cookie UI
+   */
+  readAcceptThirdPartyCookies: function()
+  {
+    let pref = document.getElementById("network.cookie.cookieBehavior");
+    switch (pref.value)
+    {
+      case 0:
+        return "always";
+      case 1:
+        return "never";
+      case 2:
+        return "never";
+      case 3:
+        return "visited";
+      default:
+        return undefined;
+    }
+  },
+
+  writeAcceptThirdPartyCookies: function()
+  {
+    let accept = document.getElementById("acceptThirdPartyMenu").selectedItem;
+    switch (accept.value)
+    {
+      case "always":
+        return 0;
+      case "visited":
+        return 3;
+      case "never":
+        return 1;
+      default:
+        return undefined;
+    }
+  },
+
+  /**
+   * Displays fine-grained, per-site preferences for remote content.
+   * We use the "image" type for that, but it can also be stylesheets or
+   * iframes.
+   */
+  showRemoteContentExceptions: function()
+  {
+    let bundle = document.getElementById("bundlePreferences");
+    let params = { blockVisible   : true,
+                   sessionVisible : false,
+                   allowVisible   : true,
+                   prefilledHost  : "",
+                   permissionType : "image",
+                   windowTitle    : bundle.getString("imagepermissionstitle"),
+                   introText      : bundle.getString("imagepermissionstext") };
+    document.documentElement.openWindow("mailnews:permissions",
+      "chrome://messenger/content/preferences/permissions.xul", "", params);
+  },
+
+  /**
+   * Update the Tracking preferences based on controls.
+   * @return the value that the privacy.donottrackheader.value pref should get
+   */
+  setTrackingPrefs: function()
+  {
+    let dntRadioGroup = document.getElementById("doNotTrackSelection"),
+        dntValuePref = document.getElementById("privacy.donottrackheader.value"),
+        dntEnabledPref = document.getElementById("privacy.donottrackheader.enabled");
+
+    // If the selected radio button says "no preference", set on/off pref to
+    // false and don't change the value pref.
+    if (dntRadioGroup.selectedItem.value == -1) {
+      dntEnabledPref.value = false;
+      return dntValuePref.value;
+    }
+
+    dntEnabledPref.value = true;
+    return dntRadioGroup.selectedItem.value;
+  },
+
+  /**
+   * Obtain the tracking preference value and reflect it in the UI.
+   * @return the value that the privacy.donottrackheader.value pref should have
+   */
+  getTrackingPrefs: function()
+  {
+    let dntValuePref = document.getElementById("privacy.donottrackheader.value"),
+        dntEnabledPref = document.getElementById("privacy.donottrackheader.enabled");
+
+    // if DNT is enbaled, select the value from the selected radio
+    // button, otherwise choose the "no preference" radio button
+    if (dntEnabledPref.value)
+      return dntValuePref.value;
+
+    return document.getElementById("dntnopref").value;
+  },
+
+};
new file mode 100644
--- /dev/null
+++ b/mail/components/preferences/privacy.xul
@@ -0,0 +1,146 @@
+<?xml version="1.0"?>
+<!-- -*- Mode: Java; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+   - This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<!DOCTYPE overlay [
+<!ENTITY % brandDTD SYSTEM "chrome://branding/locale/brand.dtd">
+<!ENTITY % privacyDTD SYSTEM "chrome://messenger/locale/preferences/privacy.dtd">
+%brandDTD;
+%privacyDTD;
+]>
+
+<overlay id="PrivacyPaneOverlay"
+         xmlns="http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul">
+  <prefpane id="panePrivacy" onpaneload="gPrivacyPane.init();">
+    <script type="application/javascript" src="chrome://messenger/content/preferences/privacy.js"/>
+
+    <stringbundle id="bundlePreferences" src="chrome://messenger/locale/preferences/preferences.properties"/>
+
+    <preferences id="privacyPreferences">
+
+      <!-- XXX button prefs -->
+      <preference id="pref.privacy.disable_button.cookie_exceptions"
+                  name="pref.privacy.disable_button.cookie_exceptions"
+                  type="bool"/>
+      <preference id="pref.privacy.disable_button.view_cookies"
+                  name="pref.privacy.disable_button.view_cookies"
+                  type="bool"/>
+
+      <!-- Remote Content -->
+      <preference id="mailnews.message_display.disable_remote_image"
+                  name="mailnews.message_display.disable_remote_image"
+                  type="bool" inverted="true"
+                  onchange="gPrivacyPane.reloadMessageInOpener();"/>
+
+      <!-- Cookies -->
+      <preference id="network.cookie.cookieBehavior"
+                  name="network.cookie.cookieBehavior"
+                  type="int"/>
+      <preference id="network.cookie.lifetimePolicy"
+                  name="network.cookie.lifetimePolicy"
+                  type="int"/>
+      <preference id="network.cookie.blockFutureCookies"
+                  name="network.cookie.blockFutureCookies"
+                  type="bool"/>
+
+      <!-- Tracking -->
+      <preference id="privacy.donottrackheader.enabled"
+                  name="privacy.donottrackheader.enabled"
+                  type="bool"/>
+      <preference id="privacy.donottrackheader.value"
+                  name="privacy.donottrackheader.value"
+                  type="int"/>
+    </preferences>
+
+    <!-- Mail Content -->
+    <groupbox id="mailContentGroup">
+      <caption label="&captionMailContent.label;"/>
+      <hbox id="remoteContentBox">
+        <checkbox id="acceptRemoteContent" flex="1"
+                  preference="mailnews.message_display.disable_remote_image"
+                  label="&acceptRemoteContent.label;"
+                  accesskey="&acceptRemoteContent.accesskey;"/>
+        <button id="remoteContentExceptions"
+                oncommand="gPrivacyPane.showRemoteContentExceptions();"
+                label="&remoteContentExceptions.label;"
+                accesskey="&remoteContentExceptions.accesskey;"/>
+      </hbox>
+      <label id="acceptRemoteContentInfo" class="text-link"
+             href="https://support.mozilla.org/kb/remote-content-in-messages"
+             value="&acceptRemoteContentInfo.label;"/>
+    </groupbox>
+
+    <!-- Web Content -->
+    <groupbox id="webContentGroup">
+      <caption label="&captionWebContent.label;"/>
+      <hbox id="cookiesBox">
+        <checkbox id="acceptCookies" flex="1"
+                  preference="network.cookie.cookieBehavior"
+                  label="&acceptCookies.label;"
+                  accesskey="&acceptCookies.accesskey;"
+                  onsyncfrompreference="return gPrivacyPane.readAcceptCookies();"
+                  onsynctopreference="return gPrivacyPane.writeAcceptCookies();"/>
+        <button id="cookieExceptions"
+                oncommand="gPrivacyPane.showCookieExceptions();"
+                label="&cookieExceptions.label;"
+                accesskey="&cookieExceptions.accesskey;"
+                preference="pref.privacy.disable_button.cookie_exceptions"/>
+      </hbox>
+      <hbox id="acceptThirdPartyRow" class="indent">
+        <hbox id="acceptThirdPartyBox" align="center">
+          <label id="acceptThirdPartyLabel" control="acceptThirdPartyMenu"
+                 accesskey="&acceptThirdParty.pre.accesskey;">&acceptThirdParty.pre.label;</label>
+          <menulist id="acceptThirdPartyMenu" preference="network.cookie.cookieBehavior"
+          onsyncfrompreference="return gPrivacyPane.readAcceptThirdPartyCookies();"
+          onsynctopreference="return gPrivacyPane.writeAcceptThirdPartyCookies();">
+            <menupopup>
+              <menuitem label="&acceptThirdParty.always.label;" value="always"/>
+              <menuitem label="&acceptThirdParty.visited.label;" value="visited"/>
+              <menuitem label="&acceptThirdParty.never.label;" value="never"/>
+            </menupopup>
+          </menulist>
+        </hbox>
+      </hbox>
+      <hbox id="keepRow" class="indent">
+        <hbox id="keepBox" align="center">
+          <label id="keepUntil"
+                 control="keepCookiesUntil"
+                 accesskey="&keepUntil.accesskey;">&keepUntil.label;</label>
+          <menulist id="keepCookiesUntil"
+                    preference="network.cookie.lifetimePolicy">
+            <menupopup>
+              <menuitem label="&expire.label;" value="0"/>
+              <menuitem label="&close.label;" value="2"/>
+              <menuitem label="&askEachTime.label;" value="1"/>
+            </menupopup>
+          </menulist>
+        </hbox>
+        <hbox flex="1"/>
+        <button id="showCookiesButton" label="&showCookies.label;"
+                accesskey="&showCookies.accesskey;"
+                oncommand="gPrivacyPane.showCookies();"
+                preference="pref.privacy.disable_button.view_cookies"/>
+      </hbox>
+
+      <radiogroup id="doNotTrackSelection" orient="vertical"
+                  preference="privacy.donottrackheader.value"
+                  onsynctopreference="return gPrivacyPane.setTrackingPrefs()"
+                  onsyncfrompreference="return gPrivacyPane.getTrackingPrefs()">
+        <radio id="dntnotrack" value="1" label="&dntTrackingNotOkay.label2;"
+                accesskey="&dntTrackingNotOkay.accesskey;" />
+        <radio id="dntdotrack" value="0" label="&dntTrackingOkay.label2;"
+                accesskey="&dntTrackingOkay.accesskey;" />
+        <radio id="dntnopref" value="-1" label="&dntTrackingNopref.label2;"
+                accesskey="&dntTrackingNopref.accesskey;" />
+      </radiogroup>
+      <label class="text-link" id="doNotTrackInfo"
+             href="https://www.mozilla.org/dnt"
+             value="&doNotTrackInfo.label;"/>
+
+    </groupbox>
+
+  </prefpane>
+</overlay>
+
--- a/mail/components/preferences/security.js
+++ b/mail/components/preferences/security.js
@@ -184,67 +184,9 @@ var gSecurityPane = {
                                         "", null);
   },
 
   updateDownloadedPhishingListState: function()
   {
     document.getElementById('useDownloadedList').disabled = !document.getElementById('enablePhishingDetector').checked;
   },
 
-  /**
-   * Reads the network.cookie.cookieBehavior preference value and
-   * enables/disables the rest of the cookie UI accordingly, returning true
-   * if cookies are enabled.
-   */
-  readAcceptCookies: function ()
-  {
-    var pref = document.getElementById("network.cookie.cookieBehavior");
-    var keepUntil = document.getElementById("keepUntil");
-    var menu = document.getElementById("keepCookiesUntil");
-
-    // enable the rest of the UI for anything other than "disable all cookies"
-    var acceptCookies = (pref.value != 2);
-
-    keepUntil.disabled = menu.disabled = this._autoStartPrivateBrowsing || !acceptCookies;
-
-    return acceptCookies;
-  },
-
-  /**
-   * Enables/disables the "keep until" label and menulist in response to the
-   * "accept cookies" checkbox being checked or unchecked.
-   */
-  writeAcceptCookies: function ()
-  {
-    var accept = document.getElementById("acceptCookies");
-
-    return accept.checked ? 0 : 2;
-  },
-
-  /**
-   * Displays fine-grained, per-site preferences for cookies.
-   */
-  showCookieExceptions: function ()
-  {
-    var bundle = document.getElementById("bundlePreferences");
-    var params = { blockVisible   : true,
-                   sessionVisible : true,
-                   allowVisible   : true,
-                   prefilledHost  : "",
-                   permissionType : "cookie",
-                   windowTitle    : bundle.getString("cookiepermissionstitle"),
-                   introText      : bundle.getString("cookiepermissionstext") };
-    document.documentElement.openWindow("mailnews:permissions",
-                        "chrome://messenger/content/preferences/permissions.xul",
-                        "", params);
-  },
-
-  /**
-   * Displays all the user's cookies in a dialog.
-   */
-  showCookies: function (aCategory)
-  {
-    document.documentElement.openWindow("mailnews:cookies",
-                            "chrome://messenger/content/preferences/cookies.xul",
-                            "", null);
-  }
-
 };
--- a/mail/components/preferences/security.xul
+++ b/mail/components/preferences/security.xul
@@ -42,46 +42,24 @@
                   name="browser.safebrowsing.enabled"
                   type="bool"/>
       <preference id="mailnews.downloadToTempFile"
                   name="mailnews.downloadToTempFile"
                   type="bool"/>                   
       <preference id="pref.privacy.disable_button.view_passwords"
                   name="pref.privacy.disable_button.view_passwords"
                   type="bool"/>
-      <!-- Cookies -->
-      <preference id="pref.privacy.disable_button.cookie_exceptions"
-                  name="pref.privacy.disable_button.cookie_exceptions"
-                  type="bool"/>
-      <preference id="pref.privacy.disable_button.view_cookies"
-                  name="pref.privacy.disable_button.view_cookies"
-                  type="bool"/>
-      <preference id="network.cookie.cookieBehavior"
-                  name="network.cookie.cookieBehavior"
-                  type="int"/>
-      <preference id="network.cookie.lifetimePolicy"
-                  name="network.cookie.lifetimePolicy"
-                  type="int"/>
-      <preference id="network.cookie.blockFutureCookies"
-                  name="network.cookie.blockFutureCookies"
-                  type="bool"/>
-
-      <!-- Do Not Track -->
-      <preference id="privacy.donottrackheader.enabled"
-                  name="privacy.donottrackheader.enabled"
-                  type="bool"/>
     </preferences>
 
     <tabbox id="securityPrefs" flex="1" onselect="gSecurityPane.tabSelectionChanged();">
       <tabs id="securityPrefsTabs">
         <tab id="junkTab" label="&itemJunk.label;"/>
         <tab id="phishingTab" label="&itemPhishing.label;"/>
         <tab id="antiVirusTab" label="&itemAntiVirus.label;"/>
         <tab id="passwordsTab" label="&itemPasswords.label;"/>
-        <tab id="cookiesTab" label="&itemCookies.label;"/>
       </tabs>
 
       <tabpanels id="securityPrefsPanels" flex="1">
         <tabpanel orient="vertical">
           <description>&junkMail.intro;</description>
           <separator class="thin"/>
 
           <checkbox id="manualMark" 
@@ -136,18 +114,17 @@
           <description>&antiVirus.intro;</description>
           <separator class="thin"/>
           <checkbox id="enableAntiVirusQuaruntine"
                     label="&antiVirus.label;" accesskey="&antiVirus.accesskey;"
                     preference="mailnews.downloadToTempFile"/>
 
         </tabpanel>
         
-        <!-- Password --> 
-
+        <!-- Password -->
         <tabpanel orient="vertical"> 
           <description>&savedPasswords.intro;</description>
           <hbox>
             <spacer flex="1"/>
             <button label="&savedPasswords.label;" accesskey="&savedPasswords.accesskey;"
                     oncommand="gSecurityPane.showPasswords();"
                     preference="pref.privacy.disable_button.view_passwords"/>
           </hbox>
@@ -162,61 +139,15 @@
                       oncommand="gSecurityPane.updateMasterPasswordButton();"/>
 
             <button id="changeMasterPassword"
                     label="&changeMasterPassword.label;" accesskey="&changeMasterPassword.accesskey;"
                     oncommand="gSecurityPane.changeMasterPassword();"/>
           </hbox>
           <separator flex="1"/>
         </tabpanel>
-
-        <!-- Cookies -->
-        <tabpanel orient="vertical">
-          <description>&cookies.intro;</description>
-          <separator class="thin"/>
-
-          <hbox id="cookiesBox">
-            <checkbox id="acceptCookies" label="&acceptCookies.label;" flex="1"
-                      preference="network.cookie.cookieBehavior"
-                      accesskey="&acceptCookies.accesskey;"
-                      onsyncfrompreference="return gSecurityPane.readAcceptCookies();"
-                      onsynctopreference="return gSecurityPane.writeAcceptCookies();"/>
-            <button id="cookieExceptions" oncommand="gSecurityPane.showCookieExceptions();"
-                    label="&cookieExceptions.label;" accesskey="&cookieExceptions.accesskey;"
-                    preference="pref.privacy.disable_button.cookie_exceptions"/>
-          </hbox>
-          <hbox id="keepRow" class="indent">
-            <hbox id="keepBox" align="center">
-              <label id="keepUntil"
-                     control="keepCookiesUntil"
-                     accesskey="&keepUntil.accesskey;">&keepUntil.label;</label>
-              <menulist id="keepCookiesUntil"
-                        preference="network.cookie.lifetimePolicy">
-                <menupopup>
-                  <menuitem label="&expire.label;" value="0"/>
-                  <menuitem label="&close.label;" value="2"/>
-                  <menuitem label="&askEachTime.label;" value="1"/>
-                </menupopup>
-              </menulist>
-            </hbox>
-            <hbox flex="1"/>
-            <button id="showCookiesButton" label="&showCookies.label;"
-                    accesskey="&showCookies.accesskey;"
-                    oncommand="gSecurityPane.showCookies();"
-                    preference="pref.privacy.disable_button.view_cookies"/>
-          </hbox>
-
-          <separator class="thin"/>
-          <hbox id="dntBox">
-            <checkbox id="privacyDoNotTrackPref"
-                      label="&doNotTrack.label;"
-                      accesskey="&doNotTrack.accesskey;"
-                      preference="privacy.donottrackheader.enabled"/>
-          </hbox>
-
-        </tabpanel>
       </tabpanels>
     </tabbox>
 
     <separator/>
 
   </prefpane>
 </overlay>
--- a/mail/locales/en-US/chrome/messenger/messenger.dtd
+++ b/mail/locales/en-US/chrome/messenger/messenger.dtd
@@ -560,16 +560,20 @@
 <!ENTITY buttonMenuForwardAsInline.label "Forward Inline">
 <!ENTITY buttonMenuForwardAsAttachment.label "Forward As Attachment">
 
 <!-- Remote Content Button Popup -->
 <!ENTITY remoteContentOptionsAllowForMsg.label "Show remote content in this message">
 <!ENTITY remoteContentOptionsAllowForMsg.accesskey "S">
 <!ENTITY remoteContentOptionAllowForAddress.label "Show remote content from this sender">
 <!ENTITY remoteContentOptionAllowForAddress.accesskey "f">
+<!ENTITY editRemoteContentSettings.label "Edit remote content options…">
+<!ENTITY editRemoteContentSettings.accesskey "E">
+<!ENTITY editRemoteContentSettingsUnix.label "Edit remote content preferences…">
+<!ENTITY editRemoteContentSettingsUnix.accesskey "E">
 
 <!-- Phishing Button Popup -->
 <!ENTITY phishingOptionIgnore.label "Ignore warning for this message">
 <!ENTITY phishingOptionIgnore.accesskey "n">
 <!ENTITY phishingOptionSettings.label "Edit scam detection options…">
 <!ENTITY phishingOptionSettings.accesskey "d">
 <!ENTITY phishingOptionSettingsUnix.label "Edit scam detection preferences…">
 <!ENTITY phishingOptionSettingsUnix.accesskey "d">
--- a/mail/locales/en-US/chrome/messenger/messenger.properties
+++ b/mail/locales/en-US/chrome/messenger/messenger.properties
@@ -322,16 +322,19 @@ junkBarInfoButtonKey=L
 
 # LOCALIZATION NOTE(remoteContentBarMessage): %S is brand
 remoteContentBarMessage=To protect your privacy, %S has blocked remote content in this message.
 remoteContentPrefLabel=Options
 remoteContentPrefAccesskey=O
 remoteContentPrefLabelUnix=Preferences
 remoteContentPrefAccesskeyUnix=P
 
+# LOCALIZATION NOTE(remoteAllow): %S is host name
+remoteAllow=Allow remote content for %S
+
 phishingBarMessage=This message may be a scam.
 phishingBarPrefLabel=Options
 phishingBarPrefAccesskey=O
 phishingBarPrefLabelUnix=Preferences
 phishingBarPrefAccesskeyUnix=P
 
 mdnBarIgnoreButton=Ignore Request
 mdnBarIgnoreButtonKey=n
--- a/mail/locales/en-US/chrome/messenger/preferences/permissions.dtd
+++ b/mail/locales/en-US/chrome/messenger/preferences/permissions.dtd
@@ -6,17 +6,17 @@
 <!ENTITY window.width                 "36em">
 
 <!ENTITY treehead.sitename.label      "Site">
 <!ENTITY treehead.status.label        "Status">
 <!ENTITY removepermission.label       "Remove Site">
 <!ENTITY removepermission.accesskey   "R">
 <!ENTITY removeallpermissions.label   "Remove All Sites">
 <!ENTITY removeallpermissions.accesskey "e">
-<!ENTITY address.label                "Address of web site:">
+<!ENTITY address.label                "Address of website:">
 <!ENTITY address.accesskey            "d">
 <!ENTITY block.label                  "Block">
 <!ENTITY block.accesskey              "B">
 <!ENTITY session.label                "Allow for Session">
 <!ENTITY session.accesskey            "S">
 <!ENTITY allow.label                  "Allow">
 <!ENTITY allow.accesskey              "A">
 <!ENTITY windowClose.key              "w">
--- a/mail/locales/en-US/chrome/messenger/preferences/preferences.dtd
+++ b/mail/locales/en-US/chrome/messenger/preferences/preferences.dtd
@@ -8,10 +8,11 @@
 <!ENTITY  prefWindow.styleMac     "width: 47em;">
 <!ENTITY  prefWindow.styleGNOME   "width: 47em; min-height: 38em;">
 
 <!ENTITY paneGeneral.title        "General">
 <!ENTITY paneDisplay.title        "Display">
 <!ENTITY paneComposition.title    "Composition">
 <!ENTITY paneChat.title           "Chat">
 <!ENTITY paneAttachments.title    "Attachments">
+<!ENTITY panePrivacy.title        "Privacy">
 <!ENTITY paneSecurity.title       "Security">
 <!ENTITY paneAdvanced.title       "Advanced">
--- a/mail/locales/en-US/chrome/messenger/preferences/preferences.properties
+++ b/mail/locales/en-US/chrome/messenger/preferences/preferences.properties
@@ -62,19 +62,24 @@ soundFilePickerTitle=Choose Sound
 soundFilesDescription=Sound Files
 
 #### Attachment Reminder
 attachmentReminderAddDialogTitle=Add Keyword
 attachmentReminderAddText=Keyword:
 attachmentReminderEditDialogTitle=Edit Keyword
 attachmentReminderEditText=Keyword:
 
+#### Remote content
+imagepermissionstext=You can specify from which web sites images and other remote content are allowed to load. You can also allow all remote content based on sender e-mail address. Type the address of the site or e-mail you want to manage and then click Block or Allow.
+imagepermissionstitle=Exceptions - Remote Content
+
 #### Cookies
 cookiepermissionstitle=Exceptions - Cookies
 cookiepermissionstext=You can specify which web sites are always or never allowed to use cookies.  Type the exact address of the site you want to manage and then click Block, Allow for Session, or Allow.
+
 invalidURI=Please enter a valid hostname
 invalidURITitle=Invalid Hostname Entered
 
 #### Cookie Viewer
 hostColon=Host:
 domainColon=Domain:
 forSecureOnly=Encrypted connections only
 forAnyConnection=Any type of connection
new file mode 100644
--- /dev/null
+++ b/mail/locales/en-US/chrome/messenger/preferences/privacy.dtd
@@ -0,0 +1,41 @@
+<!-- This Source Code Form is subject to the terms of the Mozilla Public
+   - License, v. 2.0. If a copy of the MPL was not distributed with this
+   - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
+
+<!-- Mail Content -->
+<!ENTITY captionMailContent.label "Mail Content">
+
+<!ENTITY acceptRemoteContent.label "Allow remote content in messages">
+<!ENTITY acceptRemoteContent.accesskey "A">
+<!ENTITY remoteContentExceptions.label "Exceptions…">
+<!ENTITY remoteContentExceptions.accesskey "x">
+<!ENTITY acceptRemoteContentInfo.label "Learn more about the privacy issues of remote content">
+
+<!-- Web Content -->
+<!ENTITY captionWebContent.label "Web Content">
+
+<!ENTITY acceptCookies.label "Accept cookies from sites">
+<!ENTITY acceptCookies.accesskey "A">
+<!ENTITY acceptThirdParty.pre.label "Accept third-party cookies:">
+<!ENTITY acceptThirdParty.pre.accesskey "c">
+<!ENTITY acceptThirdParty.always.label "Always">
+<!ENTITY acceptThirdParty.never.label "Never">
+<!ENTITY acceptThirdParty.visited.label "From visited">
+<!ENTITY keepUntil.label "Keep until:">
+<!ENTITY keepUntil.accesskey "K">
+<!ENTITY expire.label "they expire">
+<!ENTITY close.label "I close &brandShortName;">
+<!ENTITY askEachTime.label "ask me every time">
+<!ENTITY cookieExceptions.label "Exceptions…">
+<!ENTITY cookieExceptions.accesskey "E">
+<!ENTITY showCookies.label "Show Cookies…">
+<!ENTITY showCookies.accesskey "S">
+
+<!ENTITY dntTrackingNopref.label2 "Do not tell sites anything about my tracking preferences">
+<!ENTITY dntTrackingNopref.accesskey "o">
+<!ENTITY dntTrackingNotOkay.label2 "Tell sites that I do not want to be tracked">
+<!ENTITY dntTrackingNotOkay.accesskey "n">
+<!ENTITY dntTrackingOkay.label2 "Tell sites that I want to be tracked">
+<!ENTITY dntTrackingOkay.accesskey "t">
+<!ENTITY doNotTrackInfo.label "Learn more about Do Not Track">
+
--- a/mail/locales/en-US/chrome/messenger/preferences/security.dtd
+++ b/mail/locales/en-US/chrome/messenger/preferences/security.dtd
@@ -1,17 +1,16 @@
 <!-- This Source Code Form is subject to the terms of the Mozilla Public
    - License, v. 2.0. If a copy of the MPL was not distributed with this
    - file, You can obtain one at http://mozilla.org/MPL/2.0/. -->
 
 <!ENTITY itemJunk.label          "Junk">
 <!ENTITY itemPhishing.label      "E-mail Scams">
 <!ENTITY itemPasswords.label     "Passwords">
 <!ENTITY itemAntiVirus.label     "Anti-Virus">
-<!ENTITY itemCookies.label       "Web Content">
 
 <!-- Junk Mail Controls -->
 <!ENTITY junkMail.intro "Set your default junk mail settings. Account-specific junk mail settings can be configured in Account Settings.">
 <!ENTITY manualMark.label "When I mark messages as junk:">
 <!ENTITY manualMark.accesskey "W">
 <!ENTITY manualMarkModeMove.label "Move them to the account's &quot;Junk&quot; folder">
 <!ENTITY manualMarkModeMove.accesskey "o">
 <!ENTITY manualMarkModeDelete.label "Delete them">
@@ -42,25 +41,8 @@
 <!ENTITY savedPasswords.label           "Saved Passwords…">
 <!ENTITY savedPasswords.accesskey       "S">
 
 <!-- Anti Virus -->
 <!ENTITY antiVirus.intro      "&brandShortName; can make it easy for anti-virus software to analyze incoming mail messages for viruses before they are stored locally.">
 <!ENTITY antiVirus.label      "Allow anti-virus clients to quarantine individual incoming messages">
 <!ENTITY antiVirus.accesskey  "A">
 
-<!-- Cookies -->
-<!ENTITY cookies.intro                  "&brandShortName; lets you specify which blogs, news feeds, and other web sites are allowed to set cookies.">
-<!ENTITY acceptCookies.label            "Accept cookies from sites">
-<!ENTITY acceptCookies.accesskey        "c">
-<!ENTITY keepUntil.label                "Keep until:">
-<!ENTITY keepUntil.accesskey            "K">
-<!ENTITY expire.label                   "they expire">
-<!ENTITY close.label                    "I close &brandShortName;">
-<!ENTITY askEachTime.label              "ask me every time">
-<!ENTITY cookieExceptions.label         "Exceptions…">
-<!ENTITY cookieExceptions.accesskey     "E">
-<!ENTITY showCookies.label              "Show Cookies…">
-<!ENTITY showCookies.accesskey          "S">
-
-<!-- Do Not Track -->
-<!ENTITY doNotTrack.label               "Tell web sites I do not want to be tracked">
-<!ENTITY doNotTrack.accesskey           "d">
--- a/mail/locales/jar.mn
+++ b/mail/locales/jar.mn
@@ -150,16 +150,17 @@
   locale/@AB_CD@/messenger/preferences/general.dtd                      (%chrome/messenger/preferences/general.dtd)
   #ifdef XP_MACOSX
   locale/@AB_CD@/messenger/preferences/dockoptions.dtd                  (%chrome/messenger/preferences/dockoptions.dtd)
   #endif
   locale/@AB_CD@/messenger/preferences/display.dtd                      (%chrome/messenger/preferences/display.dtd)
   locale/@AB_CD@/messenger/preferences/colors.dtd                       (%chrome/messenger/preferences/colors.dtd)
   locale/@AB_CD@/messenger/preferences/chat.dtd                         (%chrome/messenger/preferences/chat.dtd)
   locale/@AB_CD@/messenger/preferences/compose.dtd                      (%chrome/messenger/preferences/compose.dtd)
+  locale/@AB_CD@/messenger/preferences/privacy.dtd                      (%chrome/messenger/preferences/privacy.dtd)
   locale/@AB_CD@/messenger/preferences/sendoptions.dtd                  (%chrome/messenger/preferences/sendoptions.dtd)
   locale/@AB_CD@/messenger/preferences/security.dtd                     (%chrome/messenger/preferences/security.dtd)
   locale/@AB_CD@/messenger/preferences/advanced.dtd                     (%chrome/messenger/preferences/advanced.dtd)
   locale/@AB_CD@/messenger/preferences/attachmentReminder.dtd           (%chrome/messenger/preferences/attachmentReminder.dtd)
   locale/@AB_CD@/messenger/preferences/receipts.dtd                     (%chrome/messenger/preferences/receipts.dtd)
   locale/@AB_CD@/messenger/preferences/connection.dtd                   (%chrome/messenger/preferences/connection.dtd)
   locale/@AB_CD@/messenger/preferences/applications.dtd                 (%chrome/messenger/preferences/applications.dtd)
   locale/@AB_CD@/messenger/preferences/applications.properties          (%chrome/messenger/preferences/applications.properties)
--- a/mail/test/mozmill/content-policy/test-general-content-policy.js
+++ b/mail/test/mozmill/content-policy/test-general-content-policy.js
@@ -292,16 +292,60 @@ function checkAllowForSenderWithPerms(te
   // Clean up after ourselves, and make sure that worked as expected.
   Services.perms.remove(authorEmailAddress, "image");
   assert_true(Services.perms.testPermission(uri, "image") ==
               Services.perms.UNKNOWN_ACTION);
 
   ++gMsgNo;
 }
 
+/**
+ * Check remote content is not blocked for a hosts with permissions.
+ */
+function checkAllowForHostsWithPerms(test) {
+  let msgDbHdr = addToFolder(test.type + " priv host test message " + gMsgNo,
+                             msgBodyStart + test.body + msgBodyEnd, folder);
+
+  // Select the newly created message.
+  let msgHdr = select_click_row(gMsgNo);
+  assert_equals(msgDbHdr, msgHdr);
+  assert_selected_and_displayed(gMsgNo);
+
+  let src = mozmill.getMail3PaneController().window.content.document
+                   .getElementById("testelement").src;
+
+  if (!src.startsWith("http"))
+    return; // just test http in this test
+
+  let uri = Services.io.newURI(src, null, null);
+  Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
+  assert_true(Services.perms.testPermission(uri, "image") ==
+              Services.perms.ALLOW_ACTION);
+
+  // Click back one msg, then the original again, which should now allow loading.
+  select_click_row(gMsgNo - 1);
+  // Select the newly created message.
+  let msgHdr = select_click_row(gMsgNo);
+  assert_equals(msgDbHdr, msgHdr);
+  assert_selected_and_displayed(gMsgNo);
+
+  // Now check that the content hasn't been blocked.
+  if (!test.checkForAllowed(mozmill.getMail3PaneController()
+           .window.content.document.getElementById("testelement")))
+    throw new Error(test.type + " has been unexpectedly blocked for url=" +
+                    uri.spec);
+
+  // Clean up after ourselves, and make sure that worked as expected.
+  Services.perms.remove(uri.host, "image");
+  assert_true(Services.perms.testPermission(uri, "image") ==
+              Services.perms.UNKNOWN_ACTION);
+
+  ++gMsgNo;
+}
+
 function test_generalContentPolicy() {
   let folderTab = mc.tabmail.currentTabInfo;
   be_in_folder(folder);
 
   assert_nothing_selected();
 
   for (let i = 0; i < TESTS.length; ++i) {
     // Check for denied in mail
@@ -333,10 +377,13 @@ function test_generalContentPolicy() {
     // Check allowed in content tab
     checkContentTab(TESTS[i]);
 
     // Check allowed in a feed message
     checkAllowFeedMsg(TESTS[i]);
 
     // Check per sender privileges.
     checkAllowForSenderWithPerms(TESTS[i]);
+
+    // Check per host privileges.
+    checkAllowForHostsWithPerms(TESTS[i]);
   }
 }
--- a/mail/test/mozmill/pref-window/test-donottrack-prefs.js
+++ b/mail/test/mozmill/pref-window/test-donottrack-prefs.js
@@ -1,72 +1,62 @@
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
  * You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 /**
- * Tests the do-not-track toggle checkbox
+ * Tests the do-not-track prefs.
  */
 
-const DNT_PREF_NAME = 'privacy.donottrackheader.enabled';
+// make SOLO_TEST=pref-window/test-donottrack-prefs.js mozmill-one
+
+const PREF_DNT_ENABLED = 'privacy.donottrackheader.enabled';
+const PREF_DNT_VALUE = 'privacy.donottrackheader.value';
 
 const MODULE_NAME = 'test-donottrack-prefs';
 
 const RELATIVE_ROOT = '../shared-modules';
 const MODULE_REQUIRES = ['folder-display-helpers',
                          'pref-window-helpers'];
 
 function setupModule(module) {
   collector.getModule('folder-display-helpers').installInto(module);
   collector.getModule('pref-window-helpers').installInto(module);
   collector.getModule('window-helpers').installInto(module);
 }
 
 /**
- * Test that selecting the checkbox for the do not track feature actually sets
- * the preference.
+ * Helper that opens the privacy pane, checks that aInitiallySelectedId is
+ * currently selected, selects aRadioId and closes the preferences dialog.
  */
-function test_donottrack_checkbox() {
-  open_pref_window("paneSecurity", function(w) {
-
-    // select the "Web Content" panel
-    w.e("securityPrefs").selectedIndex = 4;
-
-    // tick the DNT box (and make sure it's ticked.
-    w.click(w.eid("privacyDoNotTrackPref"));
-    assert_true(w.e("privacyDoNotTrackPref").checked,
-                "The DNT checkbox didn't get set");
-
-    // close the window to accept the changes
-    w.e("MailPreferences").acceptDialog();
-    close_window(w);
-  });
+function goClickRadio(aRadioId, aInitiallySelectedId) {
+  open_pref_window("panePrivacy", function(w) {
 
-  open_pref_window("paneSecurity", function(w) {
-    // Inspect the pref.
-    assert_true(Services.prefs.getBoolPref(DNT_PREF_NAME),
-                "The DNT pref did not get set");
-
-    // Make sure the box stays ticked
-    assert_true(w.e("privacyDoNotTrackPref").checked,
-                "The DNT checkbox should be checked when the pref is set");
+    assert_true(w.e(aInitiallySelectedId).selected);
 
-    // clear the DNT checkbox (and make sure it's not ticked);
-    w.click(w.eid("privacyDoNotTrackPref"));
-    assert_false(w.e("privacyDoNotTrackPref").checked,
-                 "The DNT checkbox did not get unset");
+    // Tick the DNT option (and make sure it's ticked).
+    w.click(w.eid(aRadioId));
+    assert_true(w.e(aRadioId).selected,
+                "The radio " + aRadioId + " didn't get set");
 
-    // close the window to accept the changes
-    w.e("MailPreferences").acceptDialog();
-    close_window(w);
-  });
-
-  open_pref_window("paneSecurity", function(w) {
-    // make sure all is still reset.
-    assert_false(w.e("privacyDoNotTrackPref").checked,
-                 "The DNT checkbox should still be unset");
-    assert_false(Services.prefs.getBoolPref(DNT_PREF_NAME),
-                 "The DNT pref should be cleared.");
-
+    // Close the window to accept the changes
     w.e("MailPreferences").acceptDialog();
     close_window(w);
   });
 }
+
+/**
+ * Test that setting the do not track feature actually sets
+ * the preferences correctly.
+ */
+function test_donottrack_checkbox() {
+  goClickRadio("dntnotrack", "dntnopref");
+  assert_equals(Services.prefs.getBoolPref(PREF_DNT_ENABLED), true);
+  assert_equals(Services.prefs.getIntPref(PREF_DNT_VALUE), 1);
+
+  goClickRadio("dntdotrack", "dntnotrack");
+  assert_equals(Services.prefs.getBoolPref(PREF_DNT_ENABLED), true);
+  assert_equals(Services.prefs.getIntPref(PREF_DNT_VALUE), 0);
+
+  goClickRadio("dntnopref", "dntdotrack");
+  assert_equals(Services.prefs.getBoolPref(PREF_DNT_ENABLED), false);
+  assert_equals(Services.prefs.getIntPref(PREF_DNT_VALUE), 0);
+}
--- a/mail/themes/linux/jar.mn
+++ b/mail/themes/linux/jar.mn
@@ -105,16 +105,17 @@ classic.jar:
   skin/classic/messenger-newsblog/feed-subscriptions.css      (mail/newsblog/feed-subscriptions.css)
   skin/classic/messenger-newsblog/icons/rss-feed.png          (mail/newsblog/rss-feed.png)
   skin/classic/messenger-newsblog/icons/server-rss.png        (mail/newsblog/server-rss.png)
   skin/classic/messenger/preferences/alwaysAsk.png            (mail/preferences/alwaysAsk.png)
   skin/classic/messenger/preferences/preferences.css          (mail/preferences/preferences.css)
   skin/classic/messenger/preferences/general.png              (mail/preferences/general.png)
   skin/classic/messenger/preferences/display.png              (mail/preferences/display.png)
   skin/classic/messenger/preferences/composition.png          (mail/preferences/composition.png)
+  skin/classic/messenger/preferences/privacy.png              (mail/preferences/privacy.png)
   skin/classic/messenger/preferences/security.png             (mail/preferences/security.png)
   skin/classic/messenger/preferences/attachments.png          (mail/preferences/attachments.png)
   skin/classic/messenger/preferences/applications.css         (mail/preferences/applications.css)
   skin/classic/messenger/preferences/advanced.png             (mail/preferences/advanced.png)
   skin/classic/messenger/preferences/chat.png                 (mail/preferences/chat.png)
   skin/classic/messenger/preferences/background.png           (mail/preferences/background.png)
   skin/classic/messenger/preferences/hover.png                (mail/preferences/hover.png)
   skin/classic/messenger/preferences/selected.png             (mail/preferences/selected.png)
--- a/mail/themes/linux/mail/preferences/preferences.css
+++ b/mail/themes/linux/mail/preferences/preferences.css
@@ -14,16 +14,19 @@ radio[pane=paneDisplay] {
   list-style-image: url("chrome://messenger/skin/preferences/display.png");
 }
 radio[pane=paneCompose] {
   list-style-image: url("chrome://messenger/skin/preferences/composition.png");
 }
 radio[pane=paneChat] {
   list-style-image: url("chrome://messenger/skin/preferences/chat.png"); /*FIXME*/
 }
+radio[pane=panePrivacy] {
+  list-style-image: url("chrome://messenger/skin/preferences/privacy.png");
+}
 radio[pane=paneSecurity] {
   list-style-image: url("chrome://messenger/skin/preferences/security.png");
 }
 radio[pane=paneApplications] {
   list-style-image: url("chrome://messenger/skin/preferences/attachments.png");
 }
 radio[pane=paneAdvanced] {
   list-style-image: url("chrome://messenger/skin/preferences/advanced.png");
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..010826f62089cc3897a6e315ea88aa545b9c7b5b
GIT binary patch
literal 2183
zc$@);2zd92P)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY07w7;07w8v$!k6U00*E+L_t(o!^M|ta8=b6fWLk2x$m3D
z4J0H8ktA>fnAVCFQX*qzkSc8*DHR>Z7HjQ{KiVJG0d?BWbo!$|)LI=!J7~3WY9Bfl
zl?q6emkA+0P$WD8fq)?<<av{ObMHO(oU`}tkK~4H8ruG8x@Okwb@n-Xt?#V8X6<u?
z)|&sPm<L}HR{~uPn`V~e*`N7^(o~tiy}-Ku<9A)variI08osYLOt+x9Q7o6*xJ^l8
zwbHsyDqh#x*ea!~r8e(ZQmvO-9M?+hlTy98akG2qa>0N1bKlps7LRGgPSM=Rk4Cb^
zj~7RbLT$$pLjM?O0m8s6A&i*PVw0tcDx89KqIBN!qN>U{M%$77>15ZNjw`kBm){s%
z_LZ3T)Y)F$+jV+K#SgovbX+UrB`MV@sTo#EB$Q%>RNO9=xg_O;LVl6lBAOeydC;E!
z+NxF6;hvrp@uAUvo#~Ob^jUaIg%PL>mdsyMTC?aH<8X(EwoZr72eQ;JHCa*XqP4}L
z6PnhO24%%Ib(Lc*tLdhr<GkB_wqw9a^(LKcQYq;c`XfOquQZ}{v7zAee=1J}WdC<X
zb0c-OF8-kQnp=VZd)rLvmdqs*iejlsl2(w@-9AoUFp%<#snmehpwTEbt^kIRESVRl
zc5WYG{|FJ^0HdR)_@JYL_d6Ey(6<`d{Z=;VQDZAjpxbL$-kj6-PRwCzQw$+M2n(<f
z0z8I6Vc1V`B*2`K2%&%%1ZbtPY?q5eV+<uSIIcoUMcX-0x(p}-Vkot85`1>SFdi-Z
zTGMSdY|<l5jUE?z&8Oa8Ntd;ha9B)RJeI4tIASq0W>a%TlzF9vjErSC(KU?iC;)`V
zz+)JAE>nOZUk1kkt%Z8<acjf`P?#4}s%SyhzlcyMI36sMqUT&EiTI#OjU`2-popUA
zEHSq_hUxXvGn}EaBFbPQi|O@ZdO=E;-t(Od5B96%NSr`0Bnpa(#TC_y2p1FrFt2!k
zi$hVA9=ix&00{JFiG<*a*%F`6Ls!RfjvPGTj*Z4&&ScZy5Vk6JoXjoBMEvcehxTh}
zX9xy;7=}T{)r3L;q+@ZUWxpQi?QYFx((4_=j=IvWw{7d0w)dOd^QVsC_nB0bj53%g
zM5DU^OaPB?&ZW}!4W$Jcd_EsmI-QlS`_9=}J@@EWU(J=?ZeaJ4TeduLxOv|LH-G1L
z3L^o8VW3@`kDB%p2n2SW+4J-_C!QDG-Q8ybfxxf7dfOwubTYZgV|slh!9hk6euZ>8
zCjo#HPHKqSEBko6t(v;!4gR*4{q_3nKy%r$P0u^p*k*d%pdqOWM8X^9*VGa%2%?q7
zwk6=9;l?$z?0t9D@^An2u@%=WJn*$^7s=)iPhY#I<=AS8v0}+}D}A=Bs3|$Zu}(Xo
zH7D``UJh7ok1j6z5@BzKc*@81Yu3(IiGJ1k;U}B>`v;%$nBG*lFeDc&jLj*ksHUtq
zh#??5QT2X*gtfQc8a(zv%N=`KPu{(K&nLlPFp!?JpjH=^&ktz~g61IA(NFnk&^0x@
z3?Ooc(TUxQ^+kIjpX)Wea%cenB?W$B^9l+1O@x5<3!`)orU?hUY`igsQkp;SX~%ID
zXpP@%5RLc=`AssmB%aJ-IhUHp`m5i>9R0}YZSVa1BTuF`<Y$121$Fea>|x#NTAEJH
z=3HNp-r+R8!|CykGa;tOVC}MEmM_#q!zt?LALHY*9^N@Ro725TB-74hlggI`v$|Qm
zXg9CC;wA;^nMr>+qi|L^J~6_fz1!oz+8BvG@P}G@hI6;a-FXbby=(ofyUxqeBir@I
z=iYLM`rDNoUh3Pju137^aW&gMtU~KA_K}LBAs)KvX<mE7HzJ&ocY%Gmdy`ur2k+Od
zJGNpuV#k=VcvZvN9~ACA9%b**ASW*f7S1*K;aUTqbAk4QzsYE6zu-6AXDllzv#$R^
zm%#Uy)~^YvK$Jf=)$-Xu5wY?<u8+0RP;;2qwq=uUqVGLW>mPp7a{d)y;6B~D^93xM
zfGa)Q9p!6C`Iq~uYU{mAV@o-C=5tOTZ_0}Jfs8@+?mM@*JM!Q1_rLV5cck}49lbhm
z)sk>vaaD>>+ZD%-ryVzb-ceFEqvfp+KWSz2*X04+qg!{rM8l@>{Ox+ysFl*#U`y|v
z0ypMLPaE1jpcIeZvBmA5uFY=!g>Q~jVvD2ARVejkN1CV6?q9Xif7|?ob!yt)thGjK
zjoWvZZf->9uJd)<6NZ>>{@>|uH~appHF*FVFAMO$R0H7LPVY@UZU3OWG(h|7;s$0=
z3;@I9eX*$O9!eJ7ixlDKW*k7t%)C(PN+M<TSXQQbCIL(U#|7o~BeQ47Iy3v9U;<=q
za5IN-t<Ld}ycq{@ascN65JDJ?Z;zN5b9PS28{tyx&y8xr&S~yi=_$Wrmoi`-MXN~{
z!HJ-rJb-+Vd;op9VAI%22r+4Et(6I2c<4$DQ>hdPgU$&s&wtP_IL=c!&D_-N<ua|u
zKT2Kh>-~)9(8#_Kege2t0?28$B44Jy`Q_kpzT`v(E}aEa$Z{#3S_jkBLQXEb@A>mn
z<4p@Nlk!g-JD<RT9mvxF001R)MObuXVRU6WV{&C-bY%cCFflYOFflDKHdHb)IxsLg
zH8U$PGCD9Y@R*3_0000bbVXQnWMOn=I&E)cX=Zr<GB7bTEif@HFg8>&GCD9YIyEyZ
zFfuwYFoDG|TL1t68FWQhbW?9;ba!ELWdK2BZ(?O2No`?gWm08fWO;GPWjp`?002ov
JPDHLkV1k(<Ez<x1
index 6f88d1eb3ef22746939087a022a8c4312c1d48bf..054623c236246ed173517b5bbe9905d64be3b128
GIT binary patch
literal 13888
zc${^ZWmMcwxW=={VvD;=i#rr|FO=dgi!M;0xVyU*Empihf#L;<7kBpp3lu9(alQQS
zxBKBHnarG=caoFLljr@-M60PNV4{<u0|0=j_*PZ}06>y2Z5mYY%h>|IK=!2qo4-?#
z1)l%g^V>^PUap`yz14RG01W*93JA!`Apros07Y3TEwAMxe@{QHx%sPl)yyxM7b<vJ
z1)fq;S>c6IQ6OAG+%!8GIXTdNAx&9XR2%;vbf0h}*<vOdnzx_Ge3;PoVHylG)+#IO
z)V%n~N%B+I0qeVW+{!x*jpM@iqPzOORqfcPi4U)y2PMv*%afizB0hZz{6l@KK$fHi
z2m?k{+XO*KlAx|4hIDm+4qyZfWl)|`fam`WT2GC#4a~Uf)CV>I2r!sggrT4y+rL^p
zpOvg1QAV(&z3;4>)8@BvF5I+GB&&eDF4yH*ghx!v8Y7dw{Ys9$#1N&FZ52^60vn0_
zG?*R;Ln4?5x>O|$RosP*L+7c4TnNN`+&Yiz-CK;j&Te;~Kx+p{<uhLsQBHv%5D;Ql
z^&P2(yh{~>xUKa(aAp2k_fH87Ul`TFyI|$GC0-+(5LuBGy^stbi6|h;T}DT@x%m6f
z7V-LgnppSg)^qXlPnfmM<@$Q%&H3}Z@89%C!`+T4-@QY*Q*HtDAW~<OfqYMERWBA%
zx-0eeAyZ2scD*K0Wm(8(ev%;hZzIx6y__Uhy-gNk+CeB68Rz1p(jW_`QSy(nMXTq$
z%#*68{hKoc0l&CU+K84zA*KBi5=RGwd^RO26@53(i2^oN-KLVmgP#IKs^44ccYm9!
zI54{I%P>)I8u-`bWmGX`y2-1$uw?4+l@fEmg~;3WZvzK#D_^4F*>b(+JN0#pee&P}
zE=ZJ$ko>xP-wkYSnL~ZHGM@WtEl2nf79@VV_6vDGFjl5QQAug|mFPs`g-`oOG}@)G
zB>%9a2~AB+)+eR*mi6a~>cWpLkN4h=d07F!0}jT7k4s`RQ5^OsrzcBP1<Jgr7&LL*
zq{s%fKuj{D;X9^^xXx$NI@L1@JRS&>&)X_jBd(ksU}@C!z`O4ELTkrjz9Ui}_Dt+O
z`huPwe|>x0!OL!<$n)P>8KAg2cLR%ZBas?rOS{qH=y}DyVS3^~8jO)D;~<l=rE+4%
zVL=-7Vg0m9M`49dOxX38aFB)6qZ(gHS-km&KDTr2d`sR03Eu$i-oGR0M%dn^tzPDp
zPFWYAr;P|OmjI{%cemCAgan(l0|Ume_61f1fMWb>sI2WW*+t7ER)hW0@9HgEW)|+P
zmT1*i59dNOoY=5OFzxRe%!Xou?K_1HRFSAx8Q2y<&eMF}h81(a9GVaTS@kfTioSEs
zj&Gj#2aQFvVu)bK9^J?}pqQ*fCFqoYZg3d*GB{^I`frbwkKHnnkO-QX!O_u>Ia?WZ
zXIx7~X=P<LWrkPFjgGM##=;f{oSh!G|0Y6PUk2*qxi1EBWgA1JacLYWZ+{un@Vrzg
z`0{wV1Y>h+OWnX=`Drwh_xj^<!v~j_VJvHCXjp$nU){Qw_nekvJYIV~+Ep&^qw?iV
z{OG#qHS|Zezy&uWX8c#$2{3}ggpLf#*Ce0fFT|(F;#oZMIF2CHNx41Yu;2CY9%$zc
zyqaA;K&3U+CxY|<#mCl%hP=BRv$k{V<DbPZ?KLlOX&M~YMI3gRjp$LZp7hC0Z`&%-
zcf;RfS-Abnhnh{13AW>@P<eFwvmmK&e6k_Jk4>^cd;<=uLoXwSH&WP?;6l{9!dNHk
z@d$K+mEO_BqO-6{tKC>YhI6-ZdN87XXv^_tvW!&{5+L_^$X<C8A;N8;ToQsu>z&wr
zeSKc`zvlow!Z#*})y$mLUH$LLxo@{K)Hz*WhH88J#^%Q6_X-1+*-@*-dJ1*n0#}!?
zDJqq}1(q-tNZ5nQ_dOOT8=I_Lc%t8DWrjC)^Ob)^9lugu?vrwvN@jQ!IqSCG+`!jW
z@&a1y7QSOsNd$<tGyhQawy-5u+E2!PMFlyYufj;6774B#(RXUi9UK~x`|yDjh>1FN
zdh_mWZ;R{hWSh6^ZxJ^xX=&+@CWqBJ%VBcO8DdU@#n=7<bcIX-&&RDNR}QN``8<w)
zM<1;;75QEtlW?0OMPQN>al?jF^W+n$R=tmw8-)Zk9VcW9eSAif)-xYojqc>};?4?*
z`)_wfh#~%}B$K$TC;xgbRj{n9`sDNB%Xl%`fyg)3@pQ`Y*kusW<iGB>{O(;H@%v5$
zUKIVPt2x>3P+sc^$CT_8Up1V*{3fgMXs_KPA=UPJ(^^HGu<Klvf%aA3-&pC}lBnJJ
zwAZiL-c+hNa@p%tXmP&JzWeFhU+Hb)+rGv)qVz5=kN0F1>T2~~Vu7GN45wKPii6kO
zrwFGG>Z+2dc>0=p7od)gZqNvM+MYv8<Q`OOQj&Mc;*CDr<QITYNY(I@OqoqZ#bbv`
zl}0LCHn&r$MTF?O(r|!dWTk{88N^qUWjB&VO$m_mksuR21b7JZ`QfX$2qWUG=O2mG
z=%ny95x92H^L4D~P5+K&);rF-BLSlKhpxJAv!P-!g*0Mfl#~*8sNTT&^i1%;SGXte
zR&^k?TN6MpE-f`_qI{7G6DMb6A=9OUEAJudUhPsP>db-Xn9pf9ymwOV!fu{zzmd-_
zz<%cI`-Ql;xZ!^GukV(dPDp;YxGLDMbRc?UQ;K-lqx2*-h9zOr(iX@8YFb7FntED-
z(x3MCx@Evc4Goa%-~Nm)E_I<3IYRYFU0vDUVwxHn$?@_Q-7$o$6i@3#DA-hfCKWnW
zHLklVY$hFknM0P#&bQ~=(50oNl!18i(twR{V&!`4i2&@b&)H@@-{dA%kKMd?y+&N_
zt`6N|uXeAkq^Ikn_Iw7~i7NiBxx^mD>QBV0DT9rp6{`)-FLKgis}&~Z<?baAPnZ08
zeI_3Ldp7h#`&Sb}g+u@#7w@OV!kt8c*I>Vx3AHcW>eh4T@b;rp3<mb)QJ}S&mKH=~
zAwXbbtep4f?(S}5baaB|b#tS@a^nf`i^mjA>OO(88>csCLh#-#AmC|h=Ig{L6JNH7
z#KWK$0r4)%(bD5e-izo?Zm)imlD_BZqDH$@OGHRDlJl}@oS1`0vYZyhU#F^*YRK8d
z3CnX#b(L|`>Dh%CRD~!L3a)bK$)UhY^22DN_~;_A!JK9J%|N1zbjhAPGJB*P2Z|sv
zIE|{UGFaC%e?z}an`JLF#MB(5e-T86LCc~+3K*~=U4am3FK1f2en$NG@HW*)Od6Mz
zbZPHtwbdjLfq{mUSp37DkLliIfk5Tf`S!@o?QR~o-^Cu>*h2)buD*boNwR5jvY67_
zdkf?@JNZ=o;sn6NKg0+u${34*X|t*Z^WAaEtD2hAfD=w=Ds+J3+1r1Z93$ZIGDFOB
z)m?RRs%U`QZBH$y)5)ysKy!`c^l4MB)$yhnj^Xb8MZ%INbC#Kzc}9$Cf-x+~Q$CI)
z`0@VQ;za=!^Hqk|g@OMt2?+`BjW`x2RK+d{P-z7qz0U#HOQbNOmEwnAF@ta%N`|-=
z?AuPZ?k}&<@8YS$Q*}%4tLflBvN9`Y7%i}<#XI&w7pMb%m2Dk+TdjG@Effg|i!wAV
z8X+~xYs-<(+EU4yzI>A(*H$<DG|8{UaS1Hn$jbExZE1V?J@CH0H*?>O)aa)Z<slOt
z3F3l~qysdjl2Zj1#4lL@ZD(5JQuScLEx_ehCyhGtCv|RA9x!QHVH^tA<#H9RIR9Hz
zznVS7#$`T6BoKo8b~QtcG-}%&4!Gnglm*?X1CBSoyW3^k*v<SChmbNMtk~*pRFn)i
znoONAuB|>wA;4dNw||vVGlC^3#-Wv}r>@}u8Ysj02$9iH#>11&4yJ`Lfe6xwMF*CF
zK|VmOysnkjsWpM5*@2#qn3W)P8oWdbKRE5gH6sDXXgnip5aeOTFHI#`T3c^rPpl6d
zBsTSZ*NmKEE2j<+bwR=g1ReNwhwIu}Yc152^7iK2QC=(dw!}elg#6J93NAya0r+EI
z?6isRV|+j)Hns4vli*~XHip~5GUm&#?1j()Im3))iaAlqdNcGnCnv7Tu&JZb`=8aE
z47S*;QuV@CMRkWuJ=?w2<<ZRaG(U69X0D)fVb)gjU}`FXzkxy4KZDEfMyH2`n|LGj
z9O_s<?FNl)*1l4ze7r$Wng`_w>jNm&zdks#Z3YNMkE7k1HZYV)Z%!4Q<k~E>qdfio
z(ehZ3lA+?ye^l^im$;I(`rUv(Cw4Iz6ywV_ApJeeKR>9;>~N&VdEO7Ha=58&(w)@8
z#0T)zDdD8zb-&r{q6%UA#rm^$zsPvOJ%!E7`nX}AcSrW?*B1|{b)JwMvpek#v+h0<
z9Ud(i9Bm70Ya3x=W(EPW3JSCZ`mPOa+eET*a+^ceUm{<}<U>K_5|z@HTC>AVyW{r4
zH@LISV`#MEzhszg_^M|cR~k#@yYbUqSlBV7QPJ(g1#N|*1ufW?6Azu1$Pb^=wgl6f
zw5aw}Jm0Ll><Ro{t`l*S$HZ&);zCb48tsAka`222PqEw(eZEu3am@T&6B%N$P3KXw
z9mRKic+1v+8Xaj+5(!lWbgtkm;4-7`)2}ysK4FF8fYvu*4|2SO*0X?}ereMPGr!!C
z1=<WwlYW7`&cs_zHz_AqvE&tRF4took{-vtmCgr^4<0RGD;TUq;4h;RN`s<`yoU!?
z$c4{d!_Q=7jI|GLo!Dz8sp21(4e8}A)U;GoI9|{!6cObLyV<N1M8apQ)fyHS7I?Wg
zg;-u*9u*h&;D2+vQ6B*z4PiI@(Y5c!q4@4yMR$#chQ{&!R8i#e)|n&@(!ky2K{eV#
zhw;sC-ktMdWFFWr`FLNXsi}=5_LjvToBpCss*aX{*F*vLDZf^qX#XsVz^`Lrd-H9;
z=su)|Q2?>v6I_F;`>00~_{o2G({lI-Bp*z}uC>g6jeg?#Al(IM)4VO{`l_{QIb}xB
zT-W8)!Ebc<6XG5Y4$b?C*=^4h<;c0%tHhSsu^Hj_c>Exw`aV~@-f($&&iISpoxT%A
zq9&v2#?4s|jvOgV8d*U>2cB?~!ms^$>m=thil5he;p3F8K{%#!ot?6JdU|&&uGT6x
zF)E7RvyC2}?vEK(s%G}5YAtqs7DjaONfI=O1)<nVgs=G=rD7e+A6)thR0VeZo%aR(
z`bL2+>^2LvhtE?J_F~U=R<geDSqHU(bJO6-Mof){laJ$HyjM8ClLUCJZqVJJ7l7bJ
zI_%5tWN%C_R?*U}R8zCq!<=|zmkgsT0G#)z!HDYuLP%e=ZdXW5X=bY@5)NQNpdDgB
zLKjBMl1MGv`J>DC;F^#0!Ow$c$mR_lBO`GLlXU4q20u&!nB2cCDWs9p*3zQk;2=t+
z+mFcEA(m55f1e}xX=G?9c;R5IZpnU1QBl#Lbv5C|1BkvB7gufx9wX<fG&%Ie5cWO!
z6Nz3-$_Tpc;h@rzXMeLBQ>d2J)-e#!`#27jp(2qtXi)lfCbnDS<t*Ihz$@-mz^LTu
z7tfnXCu)ExTFV)nrmr>}Vuq%*Pb_slDyhOv(<}+~rfkBbin(wdalAF3-%3=@Y5FVS
zo<ogpyrk!P$BTnt5~T=m0cH<@ctKnKD<h|L6+Dy~Z2KMJoX9~47m8$%@L_>J2iWOs
znB${ui&q7y16{5x|2ZGybYk%Co5{bkrux(tbf>GDsT!yu#QO?~A;_UB#==|Ok^MB6
zk&Y_?H&fGaU6V|$rOzsg7wd+>hO?^sFB&$vd^NdCd{Y>(+ISBf;GfwhX)7kLmSD#t
zAcv>B^pcDbZWBUXe(4?<fT=%!G7hwN-64Sft*@ET-3^Hi(IX0?RSAcmt6dz;8~XiQ
zU_5SEvL`$Z{tA)Al=Nplus`b^*c{gO724F64I{U-OwHm1)NHxCY#Fg6)3+-~m*VBS
zE`iv>$<9w8ehLH=Y{bg32L$-86YGt6eM?<&?~3KAFYLUcTXaGu9Ts$VXr`}YKimOy
z)m0AGK$uFBU?pqQMRuQ3Q&Xo9QLrd*sHqbjJ0Eov-@d(RZ*KN_m@JT~wO`_Cuv<88
ze+d|+;5P4#`p@|@l9SJAf_7dwK=*obQqAwQ8-=ci>*S5x!e6<G_3RYQq~&ru5#!E+
z>tKUATG&a?@Fho1Gn4sn`}U+(3=`*I?|2XTGNcn_dx}DG*jY7l#8e0jQI{m3Mpe&7
zR=TBkQXkrz?x0sO9t^<m(gxm=1mPf`NhwC5DIpBh4A$n!Wa>d8{{0i#T;ZV60_pvw
zHqTdMN)4&eh#yWR7Wa3PmW%c$?cssSM139E<$O+B{fvExbw9n>jO1>q^=5cP$@%a`
z{nVCy))vz%K}PBc_W7Nkr3eoT*cpwz+m)gXN~DlTDX;7&N>^loL!6iI(XvX7=vBy_
z8=_YqZM^@lg6g*pVyDkm%iT&glhIsUrjnhvvzrD_8ey;=JO6J=|AoWub<CxU?#}fm
zpXaA`T&zf$pu8y<3`W{ldlSlAac3xpB0WpX#UnKsH@t3Jzm(O3lEnt3b(_K?A*6T@
zzxMVy70EN7mcDD0=_BAB>v%Y}e@5%lufRS<N7N!9t?m#erD`H4t0MZhI}tf$^X;3^
zPbfI*8HLo;e{^C)hwIkW6(;X6(|xi%RIPyyciEAnknkbdov_ZYn~wQM%<1OueO~ci
zx=tn%tIL)-a>_CU?oKNrf*<TJ0X^T~Gim0w=r04cNx1xZd$`(4%#vp7Xl7=%{`7dC
z!fQRA{{n`ldE)-#yE{7pT$Y14sTmmu%q7<>F+2e;{=eAaFQWABU8i1?gK^QNO$D*o
zv!A-+zJdjnZ&G5MBUtD}RjnH{-AodOykR6vMR5kibmT?w>Z3QCVp0WE5=%>8X~U?c
zgeDCQg9l&I+Rr8g`&*i+s-z^6*wuU0H`VV1XoJ{r1;=?7efDq!`J^V)tGbZ6Ygps}
zL~8QN9Vw*^842`3bWj=^NqW#t-j>B$tAe(X{gc-o{v)4tqLnR2ZpQ_EkT2Q4(2<Si
z`}r^aUFQ@oE*zm6CSK(_6`wLvm}5hBn@&#$h1f=<aYS8}&|Qyh(-&j51+k#rp@*Zf
zQSk}=>>pRQCJ=qe=TL6`>VhODiU80VV~`zx>)#U2GJzRGPffz=j=;WY9tAmjlqQm;
zballRNad}L>_-gps}1~jCz@lMtlcSe!(9lOEXkTvzT=Y~a>sNwui2H8(Kv=e#|wr$
zpF4JBEuF&FhR!NubQigF{%oZ}mTaKb^xu_G-as(u3m`FTnZBn^9hgB?<7`}T3+bcf
zA978{tImge>TlA{k(p{JZ2aaDhV1w*Bf8Gl2Z3!cNxok^q=t6q`c9X~2;&C%!E-k#
zSdD;`QrJUwKqVI>P4kY<Yi<2r1<)txMh>{YLW0}%QVi(wX(-}wS&iyBQACRQR&(kz
zD^6Dw$;aD*0b)+5TVG#aE-O3x5j7Q60{y#mrpLR>>_*4+j;1`nb43nbUi?BPC<G1d
z13n%e-r<?o>5QsG+L@?CJGWTHy6^Ftx$8b7{ulo^J`&6%jKm-&JQ6;PpuSUaBs2da
zxKJ%-$V~WAB>iu`4_v?Kly&_iALB~?v8xF;o^#tMNfP3&)gds&KoV(Yg$zQ2;IqMy
zKY2`@1Vm;&UqTotl-h5W@~vCT2sR@!gbyr(@;kUvO9;@By)YBY!noR+A8HkonXoMj
z<wE)6Bz1&L%ggL_*KZR8&p#-kg3M4I+N%VFJ@(L5`d%>#kPEki4C2AwE&4b}CqE`K
zI4L7onRqX56{{Us21lr}l4kM1)gYl3p}qBImDf!luw83~tS&w)Fl$>fq4)i4;B#La
z)d&LJv6_^1nn26Zy&u;Df{N#CAHS!z-E=-4ko4zCo^3_GhV}u-iUox;&K#XHkGX~v
zkIJAPoVQTY^i@Jx{BKz5cG|QoP|URvsco%p_oW1-?ikc>A#BX1sNps16?W-_{@LQ6
zU*?ginl!`E=3E3z^<af0T6I#~rX6zy`8&o_ZY9<C;4-aM6VnG%%ciBSIySwC@?46L
zO>6tQ%9~E|{p-nj>HwDE^#OqVUC5g>5P$E(n!%B@W$en?KgYaMlURT6{SP*4e#kEG
z2+M~3u|pRY<Y_+M_mQn!?vq59sQTcLxotc6z2d{OYcejYH9o<@^)gGsaK>e0XrjL<
zcE-1TtE8k<+->@KzB4e;e!YVd4Gqor{QR8i=kwEj?E*^Kfs3na%8Oil`UVCpUg+W_
zepy3J?Q|2~9a`(MtrS&wqhnxT5L)k2>@VDxnwwj1HCxtQ$^Dul@Zko(V?6*1=zewG
zAf308V#+KLbFU#^xHqDEI)H{&z#cN?=oQFCHg94qDOrvn?ay{p!$NL{$++Pp=%nkw
zc8muxMGa<Sbr**T@$HU^7_l&s)f)b-lsE!TCs+JWBpMm-gRfqhs~@%?1%5$<=rNr(
zc_OP>BFKTtAgL|?xUSL)7O%EzRYNS?Yyz$6JSdh>DXBq<Niu)`foPF9J4BHwsu4;z
zyU*CX(!*PN<C?>E)a)9#G6?7x7>+TGNEfjIt<t$pbuBHf2KVf%$-j`nv6irh5IO>4
zV!GFC2-opmB*`?UBmJ{J)xmQ+<U?BS)c5x!fp_}@@+(96QZn6VMua$E$y#*HhlZu&
z1@+aV<bn6vIi|!RY~g60T(#pDI5$)ZkSI9oZ7_nQr6h6)o;5NXm55dxsO?W{Dp55h
zhg6WtMgb~8GL4KG6H*gI|J<FPR5&j}WYOik-Vy5yVp4QPeOEBfXHb67u9vLB03D+U
zN?Mu@2_%9AaBW$|yegSvybRBac@VG)-oEQ*?|LG$2*Tv<Y|?4vg3Xt{HSXNV`grf`
zNd?Vp0J!}*Xls2T0L|qG)Ad9ty*6`!U#~3kH7Yh-gq?efx-Fi0q$_3sU|tlnt)V-r
z&*bD=?dpd_O5?~#nJ51vz7-i}|G?kP&Qe6N$T}5`v!+}$EG#V2>I4rrTZvaMd28Z%
zD^cQyN}f37%ZwJOhYRIJY7Qq;MJT>c58f2QZhLz#MAvDfoH(XYTL&`_qy7HTnyHVm
z_AX;aFj;-4)0AN7NP0?~f#_HwP(D+xx8onr7d?Kg?hP|ws~VaQK`4HE=5t1WW$t;4
z+?>nthlbcw$x}L2)``M!H|4G=G0})mtDA)4LR&we4{<|ks4Txl90A7^A+-v<71p;N
zUj(GNaJv|j?%nGdrlzNFG+B_VZ?HuUksyDQ4EG7c**rLbkvKsxB5F+aslosj734Gn
zO~)0j3hx>=#723<>H!QTW)`;Xe42c8<N|`zjI24v+uPd!&l$3_wbPAPYOQxAwy6sF
zoHgh-I5*WEA_xEhfw6W(d2kYOKhMVU?eo7pIaiaMn*g)$_*e6$YH0b;K-D4$6CUy_
z<{Ixx92hPglAstJ5=-bVpd=>=$f|k4kfG{9x=C=Cckrz3p#9HVxmQz(Cx8<oSCI!^
zv5%J$bGS~aOe_(*)5V}!j%X%Ul?sYFj^7Ft<p!iHdG&2u>xuk@oUOmTHw%jA?$lks
zBl(Xnj}3k;Q9E`ono&-*r<B<0=a~@+8i}2447YQEBSUt*AAEYTPJHpc_@rqCo95lK
zISJZ1TwBZ2e};9XP<|gvcp=&qgCF)n{6a#c|4mEd;~#}2B%Y@}y;7j#<0E89`Jm|I
za~CER3hu*`c6zvRR{gg#c1=V?)G<{Dd*^qv5ot<dWuWP{beItE2=+iE;EZbeMci?p
zi3(%l|G1V|N*zG5Q*9!%e1h;(Y>{xawJCzm2Z%sUBVbA<j$x9)MINLAm3(v2D<=$+
z=<Y5ztxuOO*))288Eoiwh`WmSCXURO5aZV-Ix1LRbTFur=~S4o`8OR~nvSK&ISm@R
zWwdm<A5w%ScaZd7|6lmhHHRtJQY7GO>_F7qRu7aOo~Y>eL6w7WA*^V{D!9w?I--*a
zrij>=@aQqaP;2cZ7}{5O5(`7RNm9HF$`$`I74mbtf5}=R7*dgjST6oh<+GEaQ&oX&
zUE!vMKc!9dfl~k_S4`8~<ZNbHAkUWz=DaPQP>^95#6!SSf@2(09k}+YXcQLQcOYF1
z4K}dqMyNq|NEKo!(B7BwLT@q*Qzq~d#hd&~aD&B|>KL#pbUR(5ffBTJ3XA?gnL>NR
z@m-qGs~!5b4$?G$7~6+#2ZL#@yl>Z_c6eH_4Bn170J48QB&VcQB)GSW-yOC};1p8^
zac_Os>V$N3BJ`DfJk?%yws8k@K|=GcmP~8I&4v$jY(j3n9ihjrnD!-h9Q}5{_Ml?@
zm8l5^=Iu^X&i8w;B}TspyQA+;<VoaflxH<LtQzFz<t5@Xsu;CxC5QwFJHflCn^rx@
z`9Cg)_4f8wWpJ7VcrDhLEp`S<xVX6Re>ZG$@YQr{`3=={lV*!LMA8G}N6?2_kg5T%
z?&*W{lxTBT5_2Pu@^QhxAK{XyM64tcTEU;_l=ABi@6}?sU96*6aPzwa%SA|Xv084!
zQKu^=1m;j^Bh;$er!l2rQ6a?83}OO;kU$L_#rz~$QY{ccrt~K!%fE<5=@ycH6c8Q|
zllr9E@##Uec(nmJE){gt#Yn5(N^$bwvS!JihAmdb*mq;J{8i}sXMVd-sN-iufTPqk
zVI1d8u}rDq##!^mnGX&rDRMa8pIvBw$v<mXjRn8F*~J#0b|^4s>(1<??d^&QKx!nO
zd3;LVd=)Rp0K}3z{``){Z=x4Sp-cCF8W2j<^t<dEP+*6zWH*|7KvEy{24zvcOwlYr
zA;h{dy@r&iSoJ+Hrck9VQ1)2Qkluz_Xcrgy+a$y{cL-WjyR;;g-#O=xa?bz#aJ>ao
zx&{Ek{3|`vXME{&OVkk52(ucGBQmBKghm77OW6+Gg3I*o2hR(T2Ft<-FlNQOGm#s=
zD^DL94?nOBU^n~`_F6HXXDp()vW=pU$-FzG^;2d_T*fhTrGY@5F~_)PbpK9!ruN9R
zM|xqIDELHdr_3OInwyw3Q~d^JLS)22{E`!#@(cHQHA;$$MV$vIJ>3K{mGyquXWG;+
zeGzxw>^-?&^`uVcG<o^+@BAAApPvL!Fv*J9Sy@9zw!gh0i#NBlw4|H(x7hF@B^$Ps
zk@YPxh$We+CJY-~q+WC#l)mR|2YDTdB4Pi4xTO#$)lYl^hr>u;Swm#p%BFO83XMoh
zhw%`GdGaBMYREllSj`hNSV=IhpQz19oa5Gnv^;NY)HRP>d??yUs0P`G6-s)*K|$r{
z!T$c+EQA<xU`rx35_CF^y+s-%yFw{g{^S?L#LaNFAsV(18by;fmz~F}^}a^eU;J_K
zh!Qpn5m2d!FTjXC7l#911U*iJb8<#eP*L%+n`ASN+i9Z_+Mw9KRagz)IHKVodwVaT
zqVs(G5HrpKRGPb9#vSGBO4j-O3f1ZBia#jpDEme3TdtdDdjBNTIRIL`xcn<|_EM--
zjn6h0ixYnM&Kj%ilZNA{r@sAc*!vMdn}V(i2R4*5M!@xL=e4kRzNH4fG-{8e>1!6L
z0xZr0wr_0f4;P&}r63%DBGhqOTgb`WJ-xg6w*$}xr<HN~Gl&~ih!hI-)ciY?3Qjol
z<n96=+0kIM!A6Lb{XJeMw>EbFbSIw_`9mZ50dr@!qCJH+hOP~|k##9?{SfPQyc9^w
z$%&mS>=|NE6x>_U#fuciMH6OfWfDS~Z;CM2GV6KtfNybgZ$Y4Zpm^3c79!Sp60B0%
z<0#^3c59u-KZQL!3qk~&E_^pGtE@C?bXfga|4Jdj5(G~WIqvH4zn8x{UiCF?^*E~e
zFvB1#FaMpBnVD3~ZBNa9sScSV!%p!9PgAS|)GM_5Zd<&^mIdrU>iMTS=`vSdAmqL0
zJ>MF+-pvscsMLglPm%StWwUJ8UxIv%+9=d1?Nu-3Q$?Bw;PoeI=D%1PYeba>7z|9{
z{Xhz&0T<%D+~+)DUeJW!XN~b;Hu5}zg%AB@*sdS|kCd3u5eWu672UOPitCg`>OhcG
z0)>M}mKIF<xWQ$=<%_GC!PYc3Vq91-rVw~~7hmm{nS;v?J*}h+^QL7tGu%&aZKu$;
zVI`9`4U=JZlNA$^7smpqVITs<U>ctdr)71hK}d12B~oNqVdZFCOr3_VpI^N|b|Jnb
zrq#lvy!I_zn5T1riC-$II4O#$`aK#4V2>VT3<xJ=o$faQ9WvS=JcQgfbUzv*Q)Y-?
zV<6~M?VJDW8_5#_KN=?O6>Rs&u7Iiii@mve;+Qe|{1}9^Z);C04DZ?%apZ!b)hM(`
z6a&F9p|{DX`pJ@@7yS96x#2Poi%M1_<Z%^6Nk99@I;2q)ic7C(n*^$}e+06<&)A^8
zPlSRjl_ZOz1d$2MdaV=j|KUb-bac(i5sn;g@@uJd*xTtwUP&cprBV7*ulBMUy)IW#
zuP-Pg&Tu^{(UWY%1Pjtxs$`Da`ZI?n@-%*Omf>O3Mjg7&e4sx+pFyHaKAvojkDvcX
z{C^tieB7Z4Q$_@&2Y>KdkBj~;Qot6ZNND|U{k*c0Ej2AIch0u)>}3PjFU3hbKk#O3
zHG40(taZ~ywA=?soRuh*FxE2QTNWTBGZjdKKgTWU-FzdY%=04hzyDU_azMXGL8V@#
zE&|iv5owB_S)by=^2kOs-xGIAps;xZ;A3*lC%~1XnRtk|5{ro2*|X(lMeN=w$|>&c
zMWSrM9j&pIjk(X9(b1N?y{|pUrzi-Ah4%Ci8+wuCHG(6DpEb}yJg>U?w0_C_&WFe`
z;Yas;pr0h?o4|m=Oy}2P)Y<R*enA<6HM!H?pACpOPSkbYoF5EaAFj>scB>~A=u2Zb
zu|>ubkJGkIheQoBA(4i5;~->L;cdgLQqu`u)q20{9bl9ukULziC6rIuzghWbwU}Kv
zvmR#~*65zxWg9AHQ-zm#fK&Cyy(|}t5yC(Tf`@a;ih-%c&z?^H0wi9$kw|&rMvWhX
zvf#vvD$;yA#7RC3GR<_h@!)8*=mlRFUByS44W^eb?mBZZOJAW|-M{L&z6$UA#)%~E
z1P5MtAEFRWxLt}3@9m@Wd#Fd@wHgbZvXOOmcAgV7PlpxgRCNEdw_q@?q9z#I#5Zl!
zpQ@94cS>=<s(=dd)%XrsK&$BpY8NdzZ5D&;VabPr$kNa^a5tQUb5POIf0grEXIUYZ
z<Zf<mCgtT}OW|Bq8#awYfUu+tooeW6Nm&__5Ca2PA%Q~5%F0SEgTq)SPa^Q?=w-69
zb$`-{5~MHja2ndAIQ+n4)-PZZ$mi*|7tuiJ7?gDSC;co6vj8Vdd9ZJV2ByU2u~qBr
zSS-N9^Dsob<9|*Kynu{Mef@rRATvwjkJd*2*RyoU6$m6?wQ{|r8lqDl`iEv%XDSKx
z(~f3+XO$;ZRPmgym@m>Whr71aW9Lb}0KUfPo3H0j788nSXw}<-s3SP0Bgo=+2&MiO
zA|4_WyS6bIE(mAfKV>0usE8YThs{PU+&Z&xOm__R{q)XpD6QLWappxCe-^$5*z;%K
zize|9%?eOr;3XT-zM(@e*)ca7Zv$GZ@WKFjO(r_J!pX;ZaW0bhBqR_G(sd$5=%vI%
z>x7-=+TEYfzLPgCB6P0>Z-%j-dFM6M_51FCpj~ey(hD0~|C;K@*_O}Nq9y8tFrD#Y
zYj;2^fIfJNI@m+Y_vCN6mBxfm{x@Yx_qs2__rSAK0VV*CzdGS#@V~#3GdDL61@uf%
z+bjmKWV3?!^sP?^^m(NVvn{TE-$up7A(ar2#rI?T1oZdU!4X2`tEVKk31KxWhfM73
zh%!Lr3|h5r5RDgrQv(6@+<eXtOvYl;3Z@%LB1C@i69QONA<)g5-)kSyv(fyuw4snm
z*Il5vq$G17j&$aB!6cB<mM7Ea;PNh(QpDrI{r>7`J)TM|OU(0_g2VWyo7>~v<#WfE
zgMSx?X|W)-Cx@xdyN9G7XRR%~(6^$s&%}F{`GeBkHZu7UcggQp%vJ=}{aiB)syg1K
zZ*!^BF;o`^Y5to;^EZnTLFKDPW*I1)rZ?TjUa>4vf4<|be|~h9xr1fWiJhQ+w#k34
zXYVQ}N%i8{IA5kQ^vZe5en}Fyj436xOi8}}cw`5V+#h$9%4WNH-Yrj~h$LX?kkiF?
zn7PKC1pF4hF6MGk$y3Y}p&04LQ?<!?%ItqQ9j<U3XJTW^aeEH6kn9R!;ZeyGjMHIX
zp<|;%$Ne+~7owt=2sYDWih(Gm(kRglkI^sw{6Kk3eanT4dK`F)YyZ|zY`>9tW{jFG
zz%xL`M<{{Q|MHT#U{1lCG$bUfrQXW6Le=5h%m*pJulbKfZGO#ZR(~7|di%Fm25v2(
z7_Lg*RS^pSs#YUP*Iqw9HfFACyoo?TVzo2&Y}G3k7I2>5okU=JK<9U#v5F!{|Av$4
z#22x>sUj3Q->cq{9-kM9m1(iO98MIw*egrlLMHl?*)P#b2tMKBqGDo18kB_eYy`;{
z$<+)YrNy8OoS6#E3sC;dBMrLi&mXR<-qTE$MJ+^4R0vu)2p@9@g;o!o;WK7gBGUe`
zghHuaY{8T#^DcpmkLAs&3bsW33jCRdo*w45^5f$PDjHh%i$B34%%Jwk$>2Xz0^;in
zyq{8W-aDB~In!5$qrZ`2TXwUHT#e*tWEO5eNbM#uFQ_YX)nhFbZit@~ck(2+(PGP&
z1<{8B<6)Ym;~S+W{JvX-AtnK~{Q`LcUv=Hy;SgdE=OS}qWSV+|DX?WfWSL#>Ajr~#
z6CbRm6RPH}Zv*bWSA+Z>dj~wRgqoIqUMB2X<j-btIzHz3uLCz<%XcUKeWQM@o}-}-
zwTg>N=$<H-pkWg|?COiF&wXWX?%vekkof0{@=+U15TooYzD2-cl_RI<+%aMU5zf5o
zX==jsb%G3!jNu?v=fYZ^-+UG5wTv1YAO9YVmi&4tnDsKWp9ZmVUg>VAbc8M4<v>iu
z8kX{P1^car#<Vuu0Q)(;!gVe;Pej@4n>FxtQ#-ue3iZ%BUb9psnC9)xX%D@C+z@dd
zCrY)3#rX*5967>7Ht$yFPL)n0Db0ZMVzcwBH)NPdQm6H;SwWulVHz~7tQg+jw^1<(
z5e6j)6BYRy$ae_(&w~^{Y(IbE^i`o{bs<EJDMXbbph2foQc}uSugH4vd-wjmn7GTI
zK}h}5Z>yWrjb-f$9sdYnD;E_-#i@F>`+#a_drjbTfR>I<K<5iXh6?mxPsCIG-d`ND
z5X{g|7%k#4@O&$&QcldCm8mE7J<3d9L0PK-cQx`#dgS%99Rmq_7ZR;RCsOChQcN9>
zua1V_O^vf-z*6x({PBY^SMLB^@TP<G3uwS;lH6_Q?&=NF{=1K94o)mYg}Pved}FqN
zlcRTz%DHnNC%&5`l=B%_7}@`xmc!U>f8+R6NTW`$^YPxjr^gh>^<6fWsU>)qSH<jp
z9<z_#py96DhUdNibNlUDx#QUFpVC?F6j7>-s+TuhCF&62tmkfb-5Eu@NYfrF&R|3Y
z^wPt*-zL`Yj*qN=H%Qxd76P*wUVSjL7_bi!j9u-ID`=uO@c1a?$r_|Bu<`kQdKP3-
zRqv<g2`FR4e<rn8;9U^(#CLUPZ1DASS|JlU4-XI7`+ha04Z^=CJGN{~8hJ16GcR0H
z((oO{v4Sa^e2t2Hor?TTZzoaggzc`nI0+;M?QNMlHkoAD+rmT;Iuw_xnmBz}scepH
z(qjMpk5IGE;UXS~dO|M+Le76^2FObfRyH&=ykcf%_5mJAA~GdxCiAW8*tRAMWOSql
z4+OTz{Qmt->On7Epjc_3Y-3IDZ`!R-E$cm<=E>eae#&*4$j#wI>%|Mw233Mh-I&;z
z`oFZVsO#yOq4E6{&uTlpw^Ql`kirnydV=U7s0v+p2+{<<uVqya@5Ozu<K|SwM4oG_
zJ1aUC8np5I)Bj}n2dv*5*YMubKtL^0c=a|LZKDFEV}HM@iPpWeZvig5esT{W1*E(q
zl<>o5i74z-t?P<a<&%e8e2vwHh%3~`b=jVGz*(a0-_@vmcQrRRDdytc2*26F_tik0
z!5)dniy6Bwvp=YqJ%7S#S3Vw9?y6)E(TXj2(mpYu0W_I{&V?}=$U7RmKRpl7fx+Q6
zr#Y;?J~^(8tWPO37oIB(iVm2-3%#I7a(|e99k4%LqP-2^Gpbm2-fYHpzL~FPPhog(
zp3Y%xKv^)@8;##6@QPGZY>DS3_;R}BU3M}K%}cbFBD$QJ8R+7UCN({?`%Kg;0dc?u
zF8G6G2#<tcn-V~z7mO*COtySmhoqjYrvD*$Gmog^$H_rGJv;l6q0;_jadC0v{lz|F
zni8MeOYW3;0Vy<TRB35xKVyVXpB8H^P*7>BOG--S29o~f$v3B8D8KIMTx`y+%VEje
znzQ<-Hn@Bq5<3F*Hr@NUQx{`0Jp7SuK!KKpfx?uOfGDk~Ob~@p6)G#&GDe1L{&3ic
zyv`?lCT-l&DT^)Rj0o-xNg=JF1C8KC@dWdh0Zno0kjT!l8*s;T97~JW?Zfc*#E4TB
ze{Q6AJ-i75Q_n!qHPPq@lA3iVr8bkSB5*+cY;^tPN`Cmy?psu07$NKPQHRsUFBZ+D
zrxqdCo!_ID!G{-KgyGWB@6ekNS^_6pogaUJx^jeE^<w*yQ?oN-GwZGHm1rK_ljiC-
zf>UoG&+k%fyBeNRF0o~?i-#4fzN&&q+_G!{?|{`_^IFpvoB$gQ?c7vUee1|H=sXy{
z19W-B=NOp3DMjl(llxvBmY*SI^IBs$*6IoSAniw_aL=W%vyC(YNx||CPhEV?scG@=
z4Fg)17Fv`Hn(U$5_da1=x~hE?;(lHsg-r96m6g#=>j5HPymv?k>ma2w(RFn^fByV|
z4}N+DP1q9GtG60s0Wjwjk!_pEE_w<me&U`!pnJ`BY^9w8(gP|_7w2KApo#2}oEdt3
zv}^PbDjGFAEv$4ir9+O1pQ@dY+rBr_&6YPjQ4Y^dfC+!?IEs4L^%a7^kI~jYb|+5@
zh1^K+#>&LG+8|oJqDqs_4gnzY`3BeI*jsn4gC;Qp8M*Flg~5Ld{f3B>2&i$~{6|am
zyCi;FYUJmk%g^fFx?sE;8+fa=e(P$4szjxfQ|s*`IjTjr-&6dM2nNy5BaedydTPJZ
zv&+NvD5elyb<1yRxd|9K)#Hw??&Z%g>Gy_Ee=ZY3d9CoSIyPQ|Mq5$Zu+k1v94XXt
z=cK<Q%q7LOmyPV_oYzXpT1Dcr>9Dcm)mF?foOF$01XDCxw(qmoPN^CkH8~o?cz8^T
zm}OUEqw=Vq%1=J&wO=XFg}nt{|0VxI%N#?8a5`HT+L}4^xvY#tE0xf-NIu?NLsOF+
z*8K8d_H4$rSvwrPlM|oj;p;|DTt9dzO8(H;n4E*d@rs<B+=^<B;F*@PvhoBR4p(b5
zz|>Da@@Rc@f<o7ls|=gIBHA3r>v#Yh&wL-^&|FSe4~1_4SwzWpx{sdVpwh<!{aMR&
zo*>j4hnz0V>IiHkqo>PDgdnyN<&);_i8p^eqbFBeJ)5dKo`^0oW!+OHb?c8#*4lj~
z(<~lWM(X?=X3NxH^YJy(QqOunoq`I{f$Oci#va?;z~c3$1^1`970HF~#ufx$1c0Cc
z)<dC`PqjN5^ChdfzE^D}X!i?&rV+S$>TH5O7dGx-<<SzXGYy@-aJu@H4GHU4wpM|5
zs<PUKHi&tD|0wjQMTSAvD@{5=RlbO3GKP`Jss9m52z{;Sp70Zu&C%Z9pDv~_1IN6Y
z3atDRKpW;%$izc2!2M(~Yvn7O{Q8$O#aXrW-^r>Q_l12_#pH)2KNfuH-ja72I*ws~
zN;06+t`x*Cw-~ODygMqZDjnaRTj(hre2>a(^3$z6sNeCf^N<XQguUc~WqkpL;s^g#
zU{zFcpqVkd?c1`v+gXeM`M>98yk<VEw!eQmQ2XJwKmAn{>1m<Z{~iS1%ZVVD&|u#X
z+!zf;OgGr2!pbN11HJ=HNKRngwSCa6edOgWJ5IW8HMZ6_e_azI5;?l(1xx7jr)L)0
zOTUGuR@#Ebrw*Tl;=n)DXYSaa;TA0f9c81z21_<ZzGa5%b$<(L&I5t?l1Igo#HT(0
z0O;N1^xQ1X++e~MF0hvh;NjxtW#{H%=jPSo<`w4S5$54z<>D3Q;#wc*iv2$wJ~~={
Zu=4)@JABXb5_stVD9WkGewQ{4`5y$4Yr6md
index 0df6c56fbff8ad43ec77bfadc2e336ab2a1d8856..f966081755c4aa7cdb775f0b4542bf2e46b8a9ee
GIT binary patch
literal 30571
zc${2%1xzJP)Ftlj?(R0Y4erh$gFAz}^MJwK-F0Aa9<GDCySqQ!b@~2Hb~l?&byYfj
zlS<dAbI-Ze5h_a3$Or@oU|?X#vN95CU|<jdUt>`?n6G<e+hEsM2V){HEdloV-<984
zmh|-m-cd%!<*S$ZpC&b8BMb)SUM?%~UBhz~l;e?&ebD*2HO0wU=D=E8>k4(k@DMp;
zrO-KJ6v=*o<E(g{R!Ek)-Y$!!T1Zox)sLlaPnBs>IH+B#g;qYRgVU7OP?kqOb^E%P
zZC8tk$RxQj)ph9hFfQnKIPQD+(-^N0Z;&mNJ=z$_^#2?7(9y%o_Z&BlywSX@w8i2>
z+CnaXYI2#F;UoHpyS*xL9sh5@URCg;0e_ff-qt=Wld}Y}=n+rK=eZc5xZ2}+^YhIA
z^noUn;EHI-1?<)F&~X{b`Tq%JhNJu}zsaj_q3hQq<y(5)VI?8_<BJQ=2_}N(e_1jY
zMWaYWOwY;)ABIQ~XvAifnMz%PC1#_{ctE!{>3!lldvP9KVq=qqIiX0b1J%~TWgCO1
zipN3+2NUGqy~V{mhZZV<xI<q>G<3^>Pn#uU#=&e?xBrkcF`{MgHwF^F2fX8LnM<3Y
z`7dj4LcRjc>@x>gxXLtbD0RU9on%fp9N*2-K&Ef?-}yb|8u?i*1X#XaTqxgtnS2O6
zGROO&scf!;;A?dR1UZ`L-vz3rtlB1c7AkU7bS23-ng%o%yyc5#6kUIvJmv;pgcO-c
z<Z#oZBF7jJXrbOde$iLT1*%3{LN(%qs;#QZ4JDTmHZ(N|5XjpaHals77;6^zpV?n;
zO>e;nJH|Kng!d|~JL<f%^0Kk&Y;sG>fJCWaDF0{uJcxXSUFP@UDaWIx@>I<Psy_}c
zb0aN?iD75=hl%g3<orbc6f&uJZmw|3OT|=#W8vbyD)U?0E{tbr&dJFklxlZvQ_bCJ
z$?mWw^a7zE3cl&K%6YkutDkVM$zIA)VG<^dm_^wL;OSz)BH08<#Qq>jk&7^?l2EZ>
z{<ix458kZJ4X{DL#?l?=L1n{ZZ(p;~Qc_h?#hI}>H;?Xfa9^cLYfd{X3%y~WKEJQ<
z{w5Ya4a+Lj*u$ZCeM<Nfv(b%tG619J@_ieYR4l4J0DkC&ikQZo>`v=r3%C1e$y6xb
zxWkkTho!^18tqgZVG^4S;SU4?jE)Ejm(`!NtL(*_n&vJ4F}VjnO20MJmHJFM*exja
zy}8xpI;)w&jUjJ^zT*&reP~6Ou1fSJFjE*U*~?G<#X?P)_p$hdj)R0thY6B1dK7B=
zmg`c>puirlcVZX)$7ct?S=JHB8GBa}8a!-oSq@j-{w|_L?txeC>s!>>kIIdCB51L5
zn<ZNCz4N&tT)&sSqX`mD_xZ}8-d*dRAQiVi(^^*0Rkd6b`O~S&yu#|<IAZcwP^*h-
zjLkjq83A0J=JmY3Vr+>{>%bVfU+Vp4DkWC})>CEr=H8>6z$-Mh=in)p)bFfR%pS>H
z>FPQdN?6$%7&%_M`#CcjhxZ^K-KA!##4Mg})vSrQx}OvBac!$r6?828Zj;68$l{qZ
z+Rlo0`toBv4BO4H&yeZyd1GwgM1$x9LC}bmg^4#)@^|+H-*jDurJA5c0|V#@4$0@2
zaG7;Gq{&m=+<_m*xjq+8C{-)XF!rqnspz5fI23maxus%-E-?JP<|m-${_h=;)7`^V
zIj=Uqey#U`9Pq+o5ebw(3UOXyfB&UMac$AHxsFN3i~utfT67_jLz4IaQ<xJx(vG{#
z2~`;6mX4-l##hzxuQ+Jv-FkYlyj$ftYg$_YKIm!58(Yl*k-9~Uu(6)1c4q_FjcvU&
z-87%iW#~A@k_%2kAEb}3cA8$$a#2s7**n0*p5s?VTOe|v54>S0Y~Uz~*(%NI7V(F9
zTbyD}<2~6OIZ3Mb3WCE@NoMb$gxAypfgvJ<i^7D)^lzm-T$*nAq9NjY6x2(A)4Phc
z7ul+j<ed`E)yX!cL3e#+uUzARowQjzfi@FcO`RvCCH08e!fpF}I{<e8CRp|R?h&e&
zQ{!T#-aS89gXIMODXkWyNavB|h6_H@Mb~Q>>2#1l0A}n<KpayO+{99K=K~@tu|i4v
z<;Tn`P^B9>GVUJgK}^HydBmpX{Y@nHUK9+6x$T-G=0o^c7Vh6LdWu2@M~KtjpqhrZ
z1RYjCu=0E30Y6H)M&_h8ZDV8ma)%eEqT)nR$l?|=3;pYCp(Kz0Nz+=YpmXJsFIBDU
zO5&&3S-WT$xNmA)Vj@PdF<Ok2Y?(TA{#MAL{zrVH+1FaGr^xb&RF#*H5S`VL!dG@b
z%Fkta@Z|aJe7;>D4S6%Ye@A@h3t+5%1G9(_pt27!Sl?FeeihKYy1e~$$gHQ@uxlrM
zBXXbdd4BuO)6L(d<REWzhRSWb{`8^2A#|Y~ci@PI0BcjGob~V+d2_@1;31gOq$w-w
z^rr=AtHz6wt<O<tvY5@6M4(pgnUpj^GZR{?0GK9)ONJKz2y!f#y1XSM7ay*5j}A}c
z5Lfz(+P)aKgeN9VnXVL^kN?l%<r*JD9KQA&|KF>678acjBLwAT&!(`fS>7B7fvVb+
zFbo7^`rvZaQn9_=3Z~Jt&>-GI-dLt6%18|Jf3<#6WaE{IBjzXNdyI+rYk9+MQa+0=
z1a?cZ^i$tTW(RQUbtx*KG)iY5GIwh);d=yrDUk_pZIk#95ex}D&v{?ziju#q$0!d^
zf%4(<aW>V^28O&h-}8BSxL?qEpb>GjrGJXKzZVYh{JNV6_)}edI4i%UC@Be@d*tR&
z?n;m&hg=~<4i##xqN@6DIDwMy^}NB#+IlDN^9{G%<1)8+=Cj3rX19j59kfU-?UE}^
zAfLAJrs=Ab$>p?5rIh2tpMss@H)_^^-(<Vdd&*-#O8~-y_2ofp>he7Euz&C0J;Ukt
zt~_E(UUuDbGqkm{?J8<0ntM60JbZs>=+<=-OkAG<v#3MFXtU?r@W_2f7uz_Zd@TP*
zcZXIg)m|8G#RVY|cTcrty<BU&2diFwN2d8Q#Hu!O*MdyQ?T_}f+f!0p(#UjYi{6x^
z;BL#eq7o<t$!JVa%7)Bnwads^pSoqod94S@$~<F@nR8vR3enOocAQ$9dJQ)l1&0k+
z<R=WIcZNYliJ#G>#rBNtL7;F%j}^1{RxH{gC%;3EL|v>*$>iJ(S<>TvZKms!!`?CZ
z=gP#Nj>|82oP&5c**XsrCcXD=x=_63L#pput$Hsbw@6M;IYzQA6x~r(E-l~z{P!b-
zf%Dm{@K(+1>Qd}|tB@Km`1WX=9!kK^c4B}Fq&<I(kO|gD`5busbye_k=%|Iv$cPF*
zWB_ve(#>o&V296fvBiVa<!xF{7&D?je@u!Z;o|f1bME(sivVvpe(QY;MKg(;06Z7Z
zcCi|-=E4(=@<f%ivw(3UG;0>QosuMO9$Zi93v!3{D_$<7Wn6c#wP_jZ$U2GtUEYQ%
zWXmZeDX%(Q9q+=j=LxOI(?1a#^3=DB8i2k)anu$n4vVfY>y-{Y^`+mX`FJ+pZ(DA8
zK@yRD?#9KI>Zr2^IAH`t#OHllk$-J&XI@V`(!pw{sUcA~%3beGKR@4Prmn4wPC)Y2
zClmnO$@XykIZKFbUX+<hy3t!YX6C+2R5q7ECX31Rfyo>J&x3_DD|_o)CZP96)0+MB
zmg{P3RcWad@uE>I<ayiY*%B8Ix1Y!&3H2iS#`B6{r>kIMw>=y=np%=O=JIH1pS^{$
zGov-nXV!%xluu_L%sAUZ!ASCxw2>?+IpxhHr>hXkjO53r%Sn6Oy$T9q+{djUQNS=k
zopxkwtQk$Jo7Gz8KUoF}>K{6PhM5pT6$|{-_;q!ZdTAE+6RkPw2;YaJzfY4=*<z!m
zLPJfkeNc!9=b?_lmL8B7OW1%{ORW)5mXI_4tLsUS;R>CHlQ*@FNhHzz6;EIsWDFlX
zO{cZz30`jy;L0UYUlI>YBP&X5vB1DqB14!>r*0yDGe}T_(kD!jwMmfkv=Fo>g!-1?
z#GSjPI5-yz6J10CGuRXt?RY5QaraHU)#(~JY{7s#t69k48AFmbPs~?~85H+{J*W(k
z|L2xoj8>t~S}}g*jqK#g4D14Mf20xJC}Y0eRpvk0EbR1(R<pIeC+t48b4B(7ygx<6
z%5_GFFpF*iyk!J^ejtE_fRxd)If%=?efPd~uAjq&xB{?#Cg0Qv&*DEVV2W&9dJ~PW
zd&hy2NZ+=7pxz`OTlxVCR_~jCg|7nT0guz-tjGftcVTC^%w6bDw#LTfr0>VRkx@~y
zG#Gz=$IqhRG}-O(qs*1&$Y?Ied^`;u^qbU88FX7+FE+PPIj+?IwD8ddpl%1<vYHLv
zW$?!KxlD=l4f62hYoO*a($kwSj;|;PIPvcdDI1+HJ9XUMAXa+&m6SlsLy(^VUoX1>
zA1PV}C&V`avFxX$FNc~{_Y)$=wsEs7U)Uk>`_PWF7O{eeJja6?g(5cuC(q|q8SL-1
zwvDMVw)7S6#vYO^Wp8y<nu>j!8jQ6DGK$7WmqqW_<!*~=13j<Hd{aMNVnMz>C$m3E
zgev@4+paOXw<?_UFKOjd*Wa>CJ8>LzWF%;8&TJQ(+%)Don8iyKG3n8N6szbKgb&tp
zc@ogF$nwaY<H-O0A(D!VRY(?G!xqkhM1knrdzY0C9&u;QhAk7b2muPfft!XaM~5rs
zp0)x`r-w=vhNMDJW93f6i66m}$v`>=tH^Eh!cbgDmx!%SSPUojBKDIdVp(v(`>#2t
z)DuaYT9T#Q$WU>p{7F&G9kJ?@Ux_UP<FkU$*4A*XR9;XeHpJa=dN{Z6=(Eq(j@Dp^
zN!iM?v!h5@4M|hl?e`un6Zlrs(S%Nmm@-&gKw<nEZNtVkQLy)@zdyd&kR^oNUbp8o
zJA(C5{cfj7wYmHiwKM4I@vNb6J8DDd*q~ypu*y0j00l7&@V$%7ItSj05cuL|ds6(@
z0DyP59}9~(2;?8n<&WK;Lfy}=TZTmSA;Xjow;m0~c)oW<xAfr>GRXP6F#{%4yG|G*
zR3j25Jub($&*4~DXz*bXSXe6B+RH~RvzZzUlHaL%rA7Gjd@kRybB{JUtY%_rx>M{R
zgeE+|Y#u6;(!aTI=N?_hNt2j7Uhogk1S!JhNJe1_@UOm43AP8N8Tcn~PVpwKG$`$!
zH%yjz-{Fz?ys2_zjE6N}F24|OGY)whgaxGz*}oe76rZc%7bvW6pp>)pq0O<I*&;r3
zLPqjq4KG3c*fI7^4VgNk)x$E{1<ojB3uj_RS|r^S0?i41mI~&166ptArh6uteU_W-
zQ6nCZ+_|Gb`yo)eTg^AQDMKZFbG;!^pPYDb?-FoGeQYEhJEd8|^>?X1Nl5;@X?5MC
zREUz@B|tW|dtNIVMh*#(KK(=WR}nGVio!L(L4qPd6N5sY6MP>ebhu;Hso%GhcJ3;_
zb7BtIge@>Ka)d?>jz{RzsQ&F<PjBo#Z!^=?H!zKMMekdRnm29-j^4}K_arY4RSD+b
zofohr_QHjLI)n`e%LNk(VTTZmW0kdjXq7x`1-}Y*5O{Gjw?I(UBfhs?n9{3CMr8%f
zZ#Z?A1=Wb^YvfJSbk_F+JX-;#U088-BEGi4Odq#ORF<%hgB`g9DPz1v%@SMAiH%{q
zw|6fa4CVT%tr+FB64A<w%;OVT-%0cFLwls%sp;UMjQ0M#`)&U3(}sFCBsgjJc7^b4
zQ~}YFN}3Rw;MAEx+@ZnQOe5g({&*Geyx#TS7~qG5qv$43$2mDc;Q1Jh?|VMZS=XQ=
z%x;Ndz&%D76BD943NX0;hidT9-u-SjTug_E!&K{xLK^<q`N;9bQ?Jy3Cc6f^vmXRm
znKCr$#cK2>bx#3M)0dCx+S;OYSQJDk?9TmgG>W;=Q%7g&EH-Oj7WcO6(O__k<fVQ3
z_>xt-)@b$moY;4*KC8PD{ivW{N%_=p)Ae2P49vdUZ{!vGWkWbGZ%$c&IAAExlS%r6
z3)yO~p3uH!2RR@!lfaP7)(>jpvjKE|G9~!R)!5jmcUSGf>3+_;>9GR)bZbZ|N`HS)
zGG?#i)pyVH{-8bOLpGi#vXzeaOK4`nIa5UeQ%!+TRo77s*a+&MeE4&0ds*BdBqwbt
z)~KA_b=MZbDNG9`kb={Q;h?@et-MGC%N^(}F+$wdN?F<XlnvrdY1)gIp|PrPptdVZ
zcRSS>#8xQjvp&_7XY0C>2#&X1zoTI!U1{@ZV2}A|Bwr_tyMKG>`yb?DO(t{)1&Qrm
zYqM=5zF9k9v>5#hy6G)U%z6{v@?pwzs6gY3k@WH!5VlKA)0$pg6(hrIStEt>y*xAg
z94u8>^q-$BO<VVS++g1DV>R&9p+oZ$g+m{Iw0na5N4n*?7ei!?@x&eSV^v)y1zT(l
z!kX@9xJH&}8M&z(MCteGda`X=H29sUU<o!XDzqz8e40@3+^gXVrra|VN_IU+YZ-;P
zo}L~@q+-fx7Asb1h?H5++(DObxoRz|eFJ@i<bUl1cPNl!&>-lkFd{??gQc`F<aNcY
zAm_fZ*W*y^^(ns2WFWcI#DMtWxG3WP-L-3{76eljsalt$z``aVKACDwiY(He{)u(C
zKV1+qWSLljOq3D7eCOx}ND~~d0G=z?KU{4x7pnex32a+c4*lb8;aUI{+s|15FXTUF
zuX$I@5+CD;qjHoQ>KYnEdy4XWKVPTbL0g|6gDRDhs<O{V-<1h??1|>elqnO|wd5CO
zXL}z&Yby<9xuKzh-y5?gEUc|h$is+<RZXsWF=>^G3kxsBDRY!K{a&~>wHs1bS65|Q
z*{?eb(zjH0KVC0+nwIQa4Q-rp1E=va0YBSZPv{F&=#oYUFU9)s%ksXHp%r)eqyB8N
zhY6<_*Yn+T<8eJh{W9RT+mAh$xBb^?jqUEKpIh(UrXSd(MHRoWj&gj!l|^o`tel26
zJhnRDR&8p8?01JZt|DCI_4)wxnUC-@PUU50<yc~5|IozrxGW20B=%g({RP$pPLhS`
zL(-wgX9<c$ZICc>WA#1mB>|X!MBHIaKiiJ*WJhmE+CCxQE<2{iZy}G3jzS3DuO4^^
z(p^?H5PSz@ifVXd0yU%KYfTj)!64ongDpRbXSYs-)S4CwLic848+e|xxJ_wXj&dg(
zltm=%K(Y21c(s*7b0>E(fkwwRYNK!g#(2?qssqQTzXp}Ffy(W;2EOnD%?_qh7aLsP
zzQK|E(&`FtMKEA}ObtXibj)2oZX}MDvYb)?_68NVI}lmS4o0<>Tl_cJ-~}~Ww!LzX
z=viatPmBV0;;<0u>uFYjaN5EUKLYX(X!mb1;k46J1C969o_|$2rG(9;#3<T0ez%Sn
z+r<=ym{pc|ssqATgTW?4j?T2`gn&GkM=Adj+a^#K%@u1BXz{|8vnxP$pY&nilr~Mv
znY0tc^u)vTLV@U$r~1Wr2qNQ^O?hEF5#CrR{-6s_&HVxX?Esz~6pQzjZ-+Xq8?n|L
zfX~cqDvagkSRtFzC>H*@JGQ?`Q=*cg#V|{hWuarB$eO4ZN{WCZ$AKgzj5L<JyNCN%
zlBTD?pR^Lz!p+0eVB81OWViO6CJEeeX4imu0Rhs$;0r+y9|T=Hp@cNvj-e{fBx0XF
z;^IXsGw2gZohKSU9z6ShRmoa%=y{I}yqzCCQUJS1TC(<-wC^5re&T|q;YuKQE`{JW
zxW5xLIc#yGpBSW#QYH56XX|ef0T%_|&m*hNyY2_i?AO^;+7WR#pB~rj+wEdgFK#p#
z+#V=D-(b@|*QEc;_-BhXB~?|892pV%C~rI3lid~{zJ?Ub*XULE0Pk>@;GTIa@?td8
zAq`IdUQemmKgA48;ULeX)L6Q@SS6FM4FpmZ1}w#eCu@eAQOE(SA{I+w>YVm)nl67a
zE$SLpu?y>@v)FfEB;mee82jD|JPNs2+8*9Tl0@tm9T~bLD)p;Fki(^u?;FULLHvNL
zBHzqN%0@JPvpW!Cggv4GMAv@haneUvh>iVA;M^qCc83>kFG8Da{$d3)R;&hOG{Lt_
zYfcMxlYN=-_w;pG$nT|!c_Y9RPA8$X(m^TiYD0Oy_gon=yf@OSJ3uf*!mRxb&!t##
z{D$c<MIg_{UCcalv+pY}H$LxV{*0VW39ud+at#-Y0gb)32xjzK-5ZX7o@CFBDM6@v
zqqyK+q&7`L`z50ao!(ACO!i!;F}}=PkL8QoG!i;{P%n2-@YSBWFw&H0JB0aBwt%3P
zF=JS<9J)GtB7>|{nG>+8Q3Vc-hDK~ePe^&!i|+=PO;JI-5Z!8eHu))-+E?vhempje
zn|iejt+Wh{zsTid7?u{?x2)i?@4=DH<6_-Z2pi1bZ);}*lcoK<-c$%0jN3tX>N3v{
z&v4l6WxPB&HdCxqt@2NmdDGOABAEI$uM$n)NCDa!Cq593lpqp~{R<6TT18TE<<+Id
z#b%@@d3I~ITU|L-Kbt+uy$zS--d^j?<$sX=0SU6Ne<9-K%;Bvr{$*2v#^q+QY7HI=
z;wzOus=~Hc%gf5bFDxv~FD%3uv|N?8{#Ws}8G0dd+gbeSzzlwG7vM6<7sqZoIJ>$y
z`bEEB5c%B@j+?ExWF_Ym_F!vbfy4T+zW_6ZlJ_2)I=A3!jRto1_L(jIef)>x!VzCy
z_-4F;5lr|WJ4FDZ$is!|Xc;b*)h8<&Wr-*j4o+0kQSSKs$s8WLGuA)RNy`y=xBAxs
zX>ZvN=e6Mxbv!<DTINVB91fFt?b6907nV?0iqTYLoBpUNA=Y1nt7GWC$RK^E_p&Xw
ziF!kk=jEMfKe+rr;4A|b8r+C5hN#43`%D8i*|0?eXvlLMR)Pw{EAFgS>ic){FJ|2A
zG(=blgF+zx8x<MJdk^Hq*Y~?h&`{_zyF30R6<2LBb-{1ob5G4LARrBSM+4AL7kG4a
zzg(3RB;lk;7%u5y11A#1%7^k4E36EdE+q|~KYnWmqG5>RdCFlb4~3Ut06p9jWlEfg
zVb|P-y}4(TgDJmLKpP`OBGNH174zyztVW_O`6Ixon_!_)g<m15@V$x#4yu3oCfSA!
zg)-c}fdN(Srla_Y<z?9{*IAm3$?Y}-as}T|$$s2?GOW`4{P<oKbjg2W3Vr>K#1d&|
zohnu*L3hC9<<R6Nv|h;h|H{(-PHewcC}SqF7H?k-KcR-4cwdXrp+;#EhJ)f0Lwm(c
z8XFasGBpHabCNo)Ej}=-@`w-!`N-$PxY$fzxQINqo`7pjcBWIgFZMUMAS;1Al^6Xc
z+mTafM4W6@J+%jC?kpj%sa)^K$jEeVJKa3z*fWl=z|+%HG%-IoUVFHFwt1ewdetH+
zPOn+`FPoeB?eDGhL78Y6ZFJu7GP~)BMZ<sQw$)qL*R8f<t;WBx)bFJJCr;7xURD-2
zhvkE8G$~K6WiE6e?}^pa^QYhGZXM1%-8?N+Z(=C9GT#B#B=4<)RBW{rfe@;F6;X0d
zv0WdcYm>*c`Qy@;8OB$3{?}@`J$QyD7Ia6BM2gosC0ZP=Q<gVWsXkR&RF?`%^3<?i
z_tz=t$L`LVu-A-3<B`6{5a|yf3F!Gz>?3o^hy8*YJXtLO$BMOi>r#_wX;vh_isE6-
zk&IV_Bn~>y@1<N=qB08VhXdhn7#gL_^{`@M1}Uw$f?s!5O%7|3U^M3o)w7Y7dH#`}
zf}xAW0wzNZebY`6)vneu;#PCCY<?K@(7HBuKHO%FwRVJ6z+rwJ4EM|yg(S8l_f^?4
z4u&)SQFNHn0|eH5F5w(>-c{^tji7k^;vTKyv2hb5`5>&`-nepw;K`gmU>eO~zw6JY
z-`wqr#T!V~M+kxaw^;b*XTb4g_=HK`UKeERZJzg3n~>kR)2Wt-f@n==CU`VD$~*KW
zGX%jnz4J2aHrCs6^hD%%Kfo_h!*&x^NjWl1?aTbMkDaOb7H^l^%qhnJpNM)(2j_g)
z9go=zY8f;JtD3StWfUn&a~LR?8x3J6&n}O;6#rhbT|)l`x7f)nQl_n?ow6_Z?cRa+
z?>P|=5?b5ZLO3>JeERbi-~M+XQr-PA2*6eAUR_=`OHDm2_Jf8Nq7TtuD)Cludt8n^
zm0dwiWqDsj+9n`}I?5A34Or5up~^jujQhig+_$~%G6}nVpk**_X!=qo8D;;n_V2Dl
z|C!a8&ZJHW3?k4TwWs&D^^xOM%5z#O!FLCCUBGv^9actC@~QT1!P1HJ?^GC*sPp1$
zvcN2<c6=3<j6<o_GeVdCnlJY&O`Aik8U!7pAaKidb>2ZlF(=>5iuMC<hfy>gT&{xV
ziZt&N<FBEw+S|b;WARz}U-Ut19^c({m$Z+M)>!e3spqBfXFf+wWvip#p`<-%804=~
zRMY!#>X*v_40tiQfC<^(zqI=rranCHRZ&%%&li7wHacGSGJdfuWMiX1P^A$m2Cwx^
zGWc0@6R_TV4d?XK9W!p=`21W#PF7YHU2=drx}w6Q_eoYmBlWSIHpI+X1jJC~={}%7
zzjz^PGm9^9o3Q54d7mfkqrbV!CRjoRAudyFEN7e!K~J4~Gi))pT&>8TBxxnvkFdvz
z#9`74*IXZv3Y2qj0}^A4rK{ml!yI~Mq*6+RajWIf{}S*pl}mC;F-3=l$g4*yEf&R-
zp$f&}9W9uPn8^j@&z%%gZ%DaRLWAH(e;+_m8V6Cnx&O(}ubZ81oW)}QVyz$LC(pE_
z!Ij0DQL&!ULNgY@@mODqZX8VQi5*%ywdV?+8Cfv+=H|KO{(ne}ecoU^EXZ$otF=fq
zSNudKN`9#9d9IJ7TqDwzU(tsxJZWN=DybtuE)b1H&hPvYRp@S9C0eqFF2IquV`}va
za)~1yWa3diutg6-XsOIU>%Dh+2`?p&p-0TVHsxj**sm)1us***cRkU}EoeI>0VjTH
zYU+NIoJwy$^E?U{i#!QcRdf)@uJUI$P7k&&;Mu6114&37{GSmV*w6{Z;Y+xDN*Bjx
zW&RGTL6j>lf`k(pR^p}K=WB-05f#(ea7?daQG*jOskk|!G);D{!*ocv!tj9p7ve{b
z4ZxW|E4w*MUdej%uU1Uco|OQ~tQgD~nnirlR97%&X*Qkzd)8LeOX+b$>>aaVt<i;f
z*dZB3H5d%Od=UVO;alkx7<lST61-fJOQfi{6_BD;UQ8Kj3Nj9frOWf*dg0Ke&I(_D
z*=<0}`{Eku3Mu?K>ROY7<$$_!f&vXaGjmbxpYXy$3>u};44365MeZ!)+rz4kyV)@;
zTx_RJXk0eqw<qwm^SCz<E7AlTOt8i%Cs#F=8oc#g;t#}NE+j!9A!bDInHT<$TfJnE
zr>xT-W;O<(0N#TG^`F92V|)YMGz)>wYo!LE*$DGU{hegS?h4ls!f*?INfoH@;NQXU
zC;4}^!8p1$wg<<_X*3s95?sWzJH?KE1YFjHWh;sHe>IJO&wt;LLk_xDjS6bi$%6^Y
z#;up`S7>}(ONBHO)lO7s=?z6;AfPSCY}04w86JHwL#6Pnf}Oc?i|%SMhyCk3j$_0n
zS*`njV(3#HX-}BmmfpXepgvxRe~6jm1SYcOx4sDl`CQ1)=8jMV8x@@;jwgsz1~|R4
zem*V1hC0e<f`NAfNMF0nI97;Jq~se-{_xMMRiWuJ$&{#3J)Wx5OVZ(;b2gdAl#JPb
zpy?W(KfdxE?6<a5kGZf4u1T8^AcXLO<~hMUA6hNjsvAgIbnjwfVAt}*48hrqeOV43
ztMwaO-2{41uWG(>oJ+`JH=3A2s@m`^D{r35WOslH9h{XbcjV}xGYjAqNq45p^ylPC
z5v5#ZXOgy0vI0YlCDxoOH>sVx|7*WC0tAYsqRpB5hK+TvjkN?0j%jp-6pVaApc=)2
z>C@xq6Vq1vt29UMuz_|u%Ln^a-tSBmL%4t`|LaJ-+S-mn1q5&kR$MHKH1OgxFZ!E>
zo1u2|FbIV{X{{DcF!BBHoidSor#2F`<Lp6(Plw4jiKK=BwN}6Gw-4uJN=NZcG&5ph
zu5(3*zs)fxS~pAhQMXrpfU?f2oVvY1bq$Sm2cLgN@kVSiPEPQqLosCyoTHSeA`0f_
z)R$fR7?B8%*k+f@P4_JnfHmjbS81fzq)HN+Vzuh&Rd7A>U}y;7kMvN<KY!xmSrcX2
zFWLrO`%)KUL-iR>FX-1aXH<-Eo7#m13VcV|OUQxDz6O!`gf3!A9E2pAnnE6O&&7Y&
zi!<lDiheg)38YxikE&QzT?Y?hX9C@wfbxSQ(;3k_FIYu`TBgu3IXT44fIpz+x=|~{
zQs$*J1ou%Ot1Z7;CjUYPGR<1z!OEm<NLDT5dxDB)af_`+LXD?MD@)czv$$k=a7-9X
z!FRfnMoUJ}s+?CJlp`K&sM^pZOl{nRVfQ{OEV{$)?&*>jop6M!pi+GiWN;5DoBihi
zDQSmwc$g-b(H*9lK!OZf)PY7eOoyNbF~L<mgh`!e_sNZSOv$#<st`uY>qYx}xxyPt
zz)HiR5gtwZ<GdT6zw6#P=hQ$w)0eH3+PKgMtMVT!KjE)##1RXJH1L)0YB1xM1CSVv
z!nXp01%A0GEkbxnkVG100Dep(K{<RsV+9|)J5ld9zXXVsnDZ^<xU2nfwfXF4jWbh+
zBvxb=atC<bvx@o*&`#H9&EGzqrDT6&wwx>jF-3I0q5Eu{Z46C}GEk7da~%$|4?AN2
zD@4F~8`4~V?=ys7Q_Xu{UBI>L*z2Ob*hVu-Z)L;e6QlJ;?_NiU5@g5f{Frj-+5Ft*
zbVgldfw97~@VGH#zI}Dm5?mL&KI5+*vDDzju)Li{y9vt`or^UB&Jr}H-M;5;v_FsK
zeTp4~GgyrC!w-kR;3FX*L}ds!q?ZoD_}`uxUhj<67|kDd^}bizitC;{1ego?S1#=_
zBlWovmuvh$)SIfE4yB%^D^3o6`wjseXv>RMDZe`6Hq~6Uyk6JokGp0KzPoR$-wv^S
zSYv|J^Ed##<c5`|R6WYwZr?`F$sHhKg#cL&Ee2jH^~$9SCxfV9jgAnU0M3a`kL189
zA5(TFewO$2%GeEntToP?mhpGCU>OiyS>{WU%HurPpv5|K%&%qUknLwu>-~-x!iA;A
zFm=5y@xu~RXYGMEU3B`A3uz7PF#o=;4xC5^)XwuP&&564a)=!?Ymp3~{hQefMUkpj
z-L{7d@O7M-A#&kPIzhP+RQZ!8{%^MAOR?wy(`~usA9%ZS)iV0E0%RpaBo#6}A*#=A
zcI8>`=+#wKNA^ef%Hod<eYu;}!)pKsjNfJiE;~4_+D}L~zBK<(>Zbb`3$ln|$8o7S
z<UMW52aC}}Hv5-*l2a?ka&v131JW<VWA>a0yUpm3T|k!xQ$p|FFbY$ZDrKea@#X%O
zYtGNf##(N|o)VfHZL;Gl2Nla2PYQJt^(oHP|E+fD=zgFB%T*PX9vFJPTS>S&Py+`W
z2_roh{{UM*gxT%><da<TMFvXYM3(}8VdS-*itk!>e>9-!uHTjXWqDnB1U$-|8yzu*
zL?mb8{v;I}&em2&K;vM2Ptx}axD^iTECCc+=9xb%{Hcr-S(QF5YbVLs=OFpx`va=#
zo38aF!z<VeURU%*jO}6<JsMIh3j>2mZ$IV>l;LWpCC}JrOEzYyLWv_-`IZrzi5d16
zgTaz|1~3ZWpjT9QL%m_r<o1NR*?h?|q8!;Z9`H{erlmbNx#L(aq@fXnrHMAYYMbYo
zAEIPPqQ48EV0s(g`iU`eh>`E{MH49vAdbNv+_mSxrtJK7Cp<Ne;>!4G9V$rpPH#i(
z%}kt1(Yh^7WCD#5%nGQs)1NTGBO$5rsD;%m>I>)>953Z_ScMx~Pa0{w!_6-h;Dd-}
zkdinThPiln`hyNWJo{0~s<_2lNm}FzuGp&dnv#l>K*zNLYo;T~;{FtUc!L2da>Q-|
zJyk!sodJOTnhwBCnO+ud6L#${Ej)5ZNaL-P$IZ{9kRfl-rgh6f_0I~l7n(25Q5K^g
zD4lS?h<Ugd=e@maxDt$8_^UOuvI1Yrp9BQBf4)BwHf8xEJVhJhfm;vLi#e_(uBCM}
zcYoNo+l{~mdc67yPx8Jqf#rI+L&xp~Y)>ueKi;nvWN+PTb)RwesE4AdPw_wcdV#dM
zn3S@)kqfZ-H$s<mqMDNOzqv2&m5D4*M$-QL^H)(-E6ZdciFy4oikQn`D<kd2?T{Lv
zdTx6W(opoaM~8ngciCSd5lgqCQ(x1)db!-u^dp;@aK;`cW!!uN&trE)A%hJAO48q$
zG?IW<`XWAkwl^6km5V**?K3pOTw8m#cl@&X=I7-n^UB%hN7rM8sSM|q`;_op?G4rK
zlc%1(52z7a*l_zV810l0B>9bmrVYP<>D$4-Zno#(ax5$yw@Z=vs{Gn;r#;&1G?C8`
zZKlmm!*IPVFk!&<-z5Vdy8&ax(;UQ%iPhy5jUVs=rXi|bwGuLcN5AxjBzaf03go48
zRXtCG|8Cx1?j7a&4<09u&Z;>Rq(P90#fFD?+XXHtcjbQEU-~~Bo)Xto!>5KmV5MTC
z-@&r81*^%??U27i81`U+pWu>nDj2I4;4+~s+Lr_THokm^sr=kwDH5NoVXYSFj)5P{
zm~<L$uG7Oxk+9n}ASTZ=SFn1Vo{(Jc<dz7v%K14wCP3^(h$lnIW1gqc!*x(iC$z5z
zDcYE@hbXoQdHYcDOy?ua=lX>bFwi+-2pMBz0HOiZEJ&e2;4%w8{LXtfrnCD9WtYK2
zkq;amPS8wF(~MUt(`j&b%j3YLRVoAmqqUg^D;B)U(8@mz6%}LJKuuZQ;b@jv*x0vq
zj3WP1tFpXq%7;ScU*<$ftqs23P)78l?ZGe0lV!s*o66m=-DrY_f-e~V<VkjE|2U26
zD&Hwpp)=8Yj!<Uv+SM+GG9OYs!BO!O>do^hO-Wt!qg=@rT%cK<T^%~1oXOxMtbGID
zrF<D=Kz$K9%xlMt={>VD2Y9PAH{v6PG?{KAQdY6y8h8q4dAzB@{Y(3GIMLp2F@TWv
zJ8*afRgocGahQS3N{THwgHniYmS0JCz}oF```9&3j<*Kq0=~Wux6SU|d%jcO9UvD^
z+2M6xBUU770LKx3V2FGZRLW<#7;Y25{w%B;Jl~CkKk}30`D2lM3~uih)*(4GTqA~H
z;?K;2pVElP$2BSggY@CZR+pQdfVhh(Br!1v*m#)jGdjvhPfuUsY=$ko)%Ca%)Jq{Z
z#^Cw118_V@Aq8!U{Br%KStK>5(oJik`!Ud?74|Fkk}O<<p(t_0te)45R$Q|87F#xc
zdzt0SAc+~acm@mYzOk2>(&TYnCdW*4l{TUZee|4tYJa3L86~Jg+T5^1KiUKA=2o})
z3LfXN&k~8H<|{D7U~H!(8NaJ!;)TkJzFf;P;v@Gr^AIqvEdndy<6TbGpPSnKW$Ty9
zWaE1VF57{-LPsBKCkN#fI)gM@RPBl};pQAW(R*YX2D5lKR}f8Wo0;c&&E;K1t=}?W
zvc)L^M4ooy9(>-S44>ZWgv<NzD2NmZd;TkSwHtmyc{pTs8{c@Wn~u~|Tjt*{sL7Qo
z<^-O#Rc_Tb#nFdYXO8E(VdNfNpW3h<QMqNlI<#DzO)=@z7b_sXD+b(7@{x|!J8onn
z=fs~=j@-gl)qo|*Mas7|gbUuT&w*JDOz<%20)6NXH8}xYtUC^$AyU4Dz(O_u-6T@W
z`EU-P^VP26#_49~OvwW%CPN)L^0%rkfj5U=|Edp>j<VlltM6NHm0(+aW~o*9j5+)!
zz?;|{T4$OpN`5#h>jgAN$9VYz`^=RvoqSLsTTaqC(8^vpIwp=?1WwS?kue@I>?aOh
zN*YY0ApJP>FmeP11(xassbW+^6t{<mfzY}*So?g>#<}7d%Wb!PV%aT&Ay6u6ohx}*
zzBl-y!~~QFZZPe6gWEXm2O@%A(2a5^&Xx%#r;_&1yC(@Kr=2`@Vfa#zN<KdYI4vet
zc>F6uO9zE24el9om(qUIV#2$F)?<y+vt386qw)B>^Q?cw;*GpCI@G!hp$s16<g^V=
zt8|AM^#E2>Ca;O1awe7yC=%pWsNEUViuL}AnudOxRa;dj$*oeLG{u3P4Wuv}yhPRc
zw+(Cgo&}g3UO^tQ?VV`BU%D5Rwmu+pME4AsG@GmE+$2}7<Ttl<(o~(sz2(bQVc6rh
zQr>&y@`q^Mih!Umz6tSFQdRxFy&JXZBIb8gtRkzLfr$jwxVS26qi$u4-&@PnXBkoz
zuY*CyJs6iQSjsPO&1FczyCCbS$&fNpl8q^sC9H+_9TweHMVNLDN10}^Mv>}j80?`I
z$`R~83FZj2{ra+9uW}#0P?6#r2eI7GKd-iy?pl+i1&Y9!^j!PCF9_(l-oN&%GkWfp
zWB<N*%*}gy3ipx!RW)EYmg<X&wl}EQbNPq~imo@cG~^t%RxjIY@a6jUt=?~lJAiAo
zg+w&-Wli)X{ghopD~>!#_IC7d4Osp(>x2DKYP)?o28*He<0wVFy`l$Bf@AG=yZE<e
ziCU0w;M;Keb<)1Hh&ME~Bswr@P=4|E&4YTw<w-NsKUrF{m(_PSiFTnP=DdNEG(FKj
zWFvqMAN6iU__=<-=!u!u#hIa5vX+Tr?y4e6W0I5reK7uRC8yG14XOww)vg&zAQ**_
z)}GR0XMN1z2532Az2lucN)>Z7-D}m1CN`&MxW^Mo8sk3mg*OU`4(y!5Uq7#K=&&XV
z>Q~8(+EG3J`4MhO$Olo+0I49Mq2y%Ma*Qm=>l~uhzwW8O8O>~Y%}=$pM*o5s#*VUn
z;lW_1P`;vdmT3tNq}S~|$`1aSsq`_$c58Qc1wG}Uz3IrkV+5$}DpWn!9<^#!`QA$o
zM(6a5^OfD1IS-qTFJB9O_TEMl^K|(bN*>4{_4ORxD!!j;b@RVW3S6$cw7B?&{To}&
z%?e-3hz6MfPrRl2DK)C=)<W3q%2QxZJoz6dlQfIOQv!GSOqDa8M(<j!RYhUCm8@l~
zzRSty%xvd3{>V+N-piz_bZ+3}{k~GcQ8f2qw%9k_>gtF-CGHhjd6r*{lKO&3oBTsc
zj8=)%&?0pf2L+ZmZ);Y}NQU`cEh4`lrnX=LA|sW&NdKk7f_Sw05dq}Ry5CRSQ5jVL
z<&XHCE{0Bq9J1*M-(8SE+5D<@WQExRH45y-*H4^h<-sY*!w*k9xXAd^qh(*2{(Xk@
z{p}Ow<{x)-LGKsR^pLZ6ZlCcuy_u@d>W%x_gi(hadB=m{lN|NaQvN!-+kWY>LPGoH
zM%xwU2B8TEdTPsk5Tv310X0Vk7eTJR@B7l{db`NU>CYJo4*xf(!B}Ex?yQ{>EoY)@
zqxx_nxFvnR857{saJXvGKCOrsbwWI8N=%`eBGE9l+iX9XTf4VGrcy?=lbT<HUonQz
zY+n+qV3rEiJo7(7xB?GDm{>)3#W>1vc4w>vM&VF4v%HtpSjurQO6iyr=bjwzTATQr
z-HwhMb8eB1Hq^S2e&VJYYqQr(DW%NjFfZI3@eEDHP%4rYgB_FQsPTPSQr9q#nf-`7
z2xd1_ax8+BF`OarS-m*!;y|5?{NT~@7(~%@0#GDH;S3y_(7H`waq+n`dGMb~q6n_&
z3-rb&V4@6F25+lXo+>xb`ACAu_s(hGmq6Idtu>oR@a;gx>XsWV-K(=UeE})WAF=uM
z6>Z7|U#ZpoVp+<@hS2=LTvQ3cM&~=Xg8^fG#&~<cD~d<#C7b7H-^A)@9kIZfX9VyL
zvBnc<9iA-PW&p=p)o9b+LND#PiU3Cn4rr|z&x1F5qEZ`XQlkn%qleM~I);etkzcdv
z{R}$~W>BJ13yjV|Z#vqZ^M4zSQzIzBA|Y8-FHO0@hBf&PV8en7d+RFRYS5cYgcFyc
z4^~D%M+=Xit{1heb(Km`<ma`s?r?`)a&jUrX{2TIm4g~fJf4*p{HErE;qEN$V@V;a
zRCS&nDkunV#EW%$`wo%-3$p`r;hp6UfLwb+4t;}9RwI3%nfmnXAK7~B^68le4q<<6
zrFA=Nyp)%hN95~72EgypkO$|Nw<a__bm<J2=I}yReG_oEE$b{IHcB&xa)7-8K9N|N
zo+eud_o3^q>FRVF69@Fh``JF*w}TGn8gcSCkbd9Z=tvlNAC!nsQgEPEf9^|O&RkWg
z@G^;9M+iQTx#p`){H_2@wn|nSrWKbg&|rkhYUTiW?nfUI9$%o@n3FhJa)!X+P{4XQ
z-~q=75J!gLOY`BX8qw^|RB)}zexQSkp%6*QXEdgleE4m3LQ;#zIeyElFm0NUC%*FD
z4KRjzU2-;&>c*$TQ)~f<J(?e!PP4pnew4?Kgl(Gtd@w~7S=&Y0`ZDsV;%R+15=Ao_
zz|S!y9D7RY92;XmC3ROGVRC#}zI%X=N4`0(Dg5K7@QN8f1IH%2H92b?K9ib$`W4&M
zg_@&YRfLH$QqS!VaPcO=tDg5bL#Kh1yv3`Ug_`ccj(WMbk1ny)#90pRu4kIETz`v4
ze(cm_kC3pJi32UY=PW<1P=Mf5+3OZyIEr1yHILIZ4==W}@A<f+-DB$0wI&0tQxWzh
zl;D(uHeUP^X<xSQDwr!}&m!Bko*swoT;^auvNwP&W&;#tt01mIh8&nmKzoq5p3!UH
zz}`m_YWRXAPM}6$EKVTztGt9Zp&G3>rB{Z+`ca`~0ewXS2NoBR@$n|fkd^#<@wW>S
z=|3$ekKeRY0%dv{Ak^gL1Li5ZWvP=39FY&`)`7iBZJteGsRUX!L|S{i5a{mkv5`9|
z?o^qeCavag3!RJ8vm}&9LX{=t>wOdf*w}vRi>~JfAP)(a`c2%QmxwksQIkgvC`D<;
zt~)ZTU?{e?9!58?XiP*S^_T14n4Sef;eyAr0xE)n#70L)oruDif4)|*jmeGCGcwaA
zjnwW;xV7d4oprw~)Ra1Oz8^m4A3eW=TTG^h9C`hB{zzAXc6CeG)ztEHK1J)>7IL^A
zPJ+qm>Y8@5Ju;CAPQu4k$yBaZfsnr?L8#NgP)%_M5Dr9jv)TCjRp^OH`>HiT@KY~3
z-<}#Blm#l{@k)2uJdud(g-!mr4^`ERR@GZ?D9USFod{Tzpg_MF{GEj2&b+$lolgzt
zx5O!;+u6J!PVD&V^(jP49sKl>iQB|seZ%WZu?%Wm+e4eR(Yp)wo6&do4;Wtqmn**w
zX2S*39SK}|t7lbwpzR#i;|l4@55eHp;faaAsl7?RjC)H-P2qH3?-v%^-e`YR(a@_$
z<+HZ8A6|L0_FszIcOd=Wc=LZw>An?wtT;S`8H~+ZKJrv`f*0_(*e_O}Jl^E-I~=L}
z*`66H<o3=};k8B1+AliY_S3s0xmW!(eyRQMrqLN<g8TxF`BK?>m?tSw@S<+M-q3xv
zr`(fYxu}<Hk9>tu?YwxIGrrhOt_+>l&LGh+T>&Nnh%=-KX^x9MB%wLU?OO}P4xFpl
z4v^1`pVO>fhv?v!{OdIkLpM;=ivGKg+%h}r95-^#02+M+oLsT25&?_bB+C!F<R2~7
zVIWW5*s_$rD!N62)1G2b9K*d(Kddn{(~qszXMhJK3t3Ivje`Os16X&qYXTh_jt4&I
zJrh5hh?HD}aG`|k?<>Zr4Nh{&3Z%jNxC8iz%Jq66EBwYPArnRV*lK&R@w%>zqm3Lr
zFEYw9*d~pvC(2=&+Fd;8YpQ<<8MVr@R^+p-yGyM7Wq>J(t$g09YTo2WpVtDTiJo$b
z67o5H(PI>YqfyQcI`Xnz>!QY`RlOZYMs#TV{1PBY78`dQ0U4YYUv%ldq(ne)3SJoM
z`T}*`_5ScvBw{<dOGhI2qK%eF?F)O`9+gvw^pR7%dt6Sv{lAja2BJVP8>Y8Q>j{Sw
z#HzlfW`p}`2x6~Yj=DJ6KB;+%tc|m?n@J$btP35|IS#%(AzatBRT3r+hOw;j4Im%;
zXq8xL=pb6W7bv9uHmKcR&3Rg6*VV7O`eDBlGDX$>a4A&esZ&VcXR+uuE;y6*!HA*K
z!_q5wl@GcI7oTkEdBW3)!B)z=>$S+n*grLMYr)UVr19dYnMQ~HVhFvRM8_iSRDg_u
z!4cq%^EX493>6&<^IBNAYg02M85Dp-L;Sg(p!(F-K|1<!Y~?)=>_nqt%7qOJ<u>E<
z&7|9I<7I*zA*AA4u9|1=DG%4O2<iJ!ysOKJ56ZY^<DzG7*wPr37D6BwRVWu*^zTG8
zxvBf&qZX^FTZIB*Yj101Gc}4`%n;L*sowYs;$+5Ye%7313}ZYva`gRR7qO_$>=b8|
z_Ua#0nxQRe6bBZL`XLc9pjH`WvJi=1fnrIE+`6(HtK{Kf<WOn|Tzo9Wz|nVivsf&K
z64hsyLTsxkQC*ggLY)3#ixNcja$th>>W`((m%$1v!q%1$Rp;EXurzox2l(xOg;CS@
zG+z3jsC!R61;XhMVeg6EiSItI1fl;9wEQ!rKN@$#qpL*D|J>t=G=<+JKKYNu)WpuN
z{uqv3eIHu$+dbjl1Xz=&q6_qbh*!1}*yeKry6c^x5*(q{npX6;v=CIkIb-?f<#`H9
zfvR)B<Pbhc1NKUA5%9D$G{)0U>v&`PDwf(Cniupu^c8tttG?2-)twz!S)MzMnp~6J
z*678CTdfvOLf=0(Ekg{L%UdzBDgM_xqVKX?5Ae4)&1E*v6XHJ|T~?CAgPFSCA~Lf1
zO}A8RV}5$vkKUnE<A8i(Cts)A>6z#S^A(K&%enU3AF0^=8?KLCVx0X$3`guNY#g{p
zh8~?A)>Yr`e+xHf0<8Z@-xwPDHJ#q`z%snPb!P1z8M>&gPqs*|LZ4thtFS{94?|~7
zz(!sWzVUfXr6pcCvhHjC)1M?&vlgrhZ)FCqAO}}qM}UM{f0vM7K{GLw1(&CThBQ%T
zY#E^~PK?U~+S#;G@S}#{pMHmTIzu!!9w@-H5edUU(%;MHVgMVzUCtTwkW%H0AbIPF
zhq%)C=!vAIEYdCY4T!@fC=c<{rR(yQIwzJ+3y*QVg)X|cQR0Ifg^1x}7zi$tK8$AF
zRO@^vds#5T!4_=JQgT#0po3>1O0e)*<wqyt?}?JjLYVc44tBf{=tG9Fm*@nsSV%|=
zYT(%9ey1JD$<YD-`x*BZtGdid|4I-#^f$VaiDu(oYGVmzg^RklV4JavosB>|j7cdu
zCIQGRSGYrg%x4V@1;&1fu-{4PF7!*39eYQSRCpm--8Q2>|1EQxuz8K|j`O?eP8YtV
z`naAdi#_Ex>pao(iTQ4Q{UMt_8^ZLKDi5ljgam5!H#=}7P;gU$Rw~jRw#;0cwOr10
zQREq&!PeW(*KmuT<Bjp636l`zRev@^)-2hyT4!p+kwkrQ*h*8Y{I9Eq5JU&vPS=y!
zI$fVAuu|o$j3hMswb_(2PjQ-qw^|RtN39!WX2ngtGmT=l0(aIy>(Q$PI(}k=^<#tB
z=uNAOa$#``9LRiHX^L;PmU)!*v#oWilQF@$Wv}boo6+@3GWPwlZAl?Kfz9K25~v7q
zA!*3zrG3hHYueZ+PS(wV{}bOM>CN%gufL<q*eWxSl*Z$>8&g=ER|RF1JY~ED6^re7
znpgSL?EY=6i)$q>Rx1j-TbJE)#MofhQqC|=QLCnsj6n4G;;nllQMf9>>s#7+{kwW3
zcXMv&xI4qR6I}`4J7kiIeOd*h!^_^m>J?C&Yc9H|zGW1j;5OyEa8WTD8M1R*uP~xB
zUQU$X+8IZfVDHpqQxkWS?Z%)Fi=T%-{=?Rm5tWDZ|ElY&g5qqVZE@G&9^8VvYjB4^
za0u@1G6V}w2=49<gS%UBXK=S+aDpHHQ@3u_eYj8GL)Y%Fs`u`-*J|6ST_aEZ(QF(C
zp<~a?js*>(`302a0jBc|C{|!4{{s>aHvIx7*QeW)g9I47+aJ8TBQjWUI>G6F@_iFS
zV+%fo+Ov4|(-Vwnp>qreJFU8;Y|$D<MwbUWjF_N1ERF55ti3;!@FkSLB`Ja9#W8Mf
zaLcg5#aF;#P4b+h9bc5?#T6pwCd58|OCQ9gV+O}Ou4bQ+i=(&4@r>nWd#9*F*%XQ2
zRLfbSU+l&csAcb0@5ARZHvI1EJU7}e0^-idQ@VQD<5<HvaYlo90f_Q%;l2hT65MNJ
zUV)^;B0;NFxE$RcQpi7h-zF9>PWMY6!uWq<1=fMVRk7DMTLkBen+c{tJUl!lGs9lc
z6|(U|4PSPz2w7MH$Y_S+h~jNBfL_4)%}oR>p5mLk^_fl!@jBam1{72jdAdaVDG&zA
zWU8I5ZTnZpmQCL?>3lbiDHS2GlJN9iEKg<Rh}rLHDo*o6oNIp|KK-O92YtCh%Uztt
zU$<JmJ3okmm58>3HJG(DxxjI++3{EW)ICGoMk2||QH%GM73*|D;l(|kw+d^hB5&N(
zhpJ#{W7!BFch76gwicSIbf_#-1=A%sY*|$*p6@o@FZWI4W#f`nD+`cQ4@wNl`0qdK
zHzIz0J4Sx6GWlU*f`mhz%Q(pXcfGXE_4(^tD?7(cE&^Ti)XeEZJ>x5<$10zTJ3axT
z>Ji^gK~c!BkWy0nY`T+SYZXYr{8YMR>v-SdR3BQGF&eL#tcyB!oWqeT)x#5WZ5f<v
zz7Yb*N@w*tYCK@g%|26&A?YDa^wP7;`>rWjx^Q;DsK+e!`<G!mW*u;C1f{bQcvxyp
zSsIv%4oXjIv3zY7VXIxewN&!3Uq~?L<`*nR9WDv`mW18!K0|J;Zwp4MHk@%(k<TNY
z;bo95G>mn1J3WoDOZ03oH$)uy=50t0$r0};5CZ4Vp{V-s=Y;GDw#N0}xLST1Uu>-z
zuJ7OlCgQDm;N>L9$QJYy&VG^p8r=XpdtbKP9C$G7kZI)C<fy}R0)&?Tyw^T{*SW5I
z9x(_FG$bf?6^r59T6h14P7eFux*EIIhtRAH2!K=Y1-;y<zOnXP&nsp5|9Ie!^Yj%A
zV$nbQw@RV1pHbNYZZR0``9=HA6;`|1YT9#<<KG@<qglcM`CBbDx7m}kJ_cmu5`X|}
zw$>AT#!y15?8K*$;DWVc|I(Ikse||qjTvw)_am5qOXusWT}C|1hC1`@w?cfm@w*BG
z>}mX_oH<AJSCe;!99M7c*0aj*ryD8k3uHlnmsaE?+*GXS5${4~GzHP<(cj7{mFjX5
z5)#mPH*vTklk{`2vVw9&=NAoR=+)d1n^Wy~y1htIiz7o9Mp``D?Nw`wLJ|5}OY(IA
zJ0R!*APkDTB!I39(4m$@id}L-TNOkP?X>-irET<-+5%0JD#Y(J7JC}?h{$h#qE+qQ
zKIy(P=_4;cHI}DnyOOpMckPNfS!2e;_IUQxqrXevyT~i$677BY7LaYLs4y;Yw(hk9
zDaK>`!bE8Yf*VNawoqg)+o;E@eq?WRW<v~J@+VBFoG?<M)dkTJG94GfsL<lPJiZyv
zudvh9PjA`GXtajk&zaIEGStnF1toF>tR)=U+1Z_q#OOY*=+2ik#pH4y{-{*Ir)^Qp
zLV$LmSmT({%NtuoV5()-Q{Qy_W*0ig-z>W}^}CL1u#vZ<0V(}+(%`L9(eJczapuw8
z9Rc2-_6Ukk9Ox8*Gzy0_fSPL8$AG3@H(E!T?F<`tQ=x_eXg7D*baDNvn!>l-T8E7W
z+l`VZ>%g2zagw%wfQ|lt5{ghBwP0~)LpH0VmFdjuokJPYbKaQzJ~g?u@Zgth{($@6
z@n>q6`%!#8=c{9gU-&Es@w+dL=P|xt{1OAn8O|e1Ep2Xy>5k;27y#p`^I?n{%;kwL
zm4lG?=&6c}ii^{wsW4_#He0>>|7AV=kTMfFQ6e@m`!Cs*l*kmck+{xD4X|6=IThyD
zlYg!hS*6eHtDfi%;J9=OH)VGlwili@TdY`iHRs6vYR+&(A6f=O8Jw@C!gOTuTxL=l
z!$Mkju}}}6hd1uATJLEmIxo9rPXU!^mE9|ErSjEcO?}mxH8bLLoQ{V-<~I4_!TVbt
z+78?B9j;TA4^DN{uN|_-F9JSzX@kAJ(zZB}k%PV8c;y!*GFvizop3<e$yL)eCJu-4
zo@<phZV%hG9jf}ixrZL_i1)-Hm81q9$81+MXQE;=^>K09r=AWF7QzzOL8RUKsVpwZ
zT8D+>E5dN-;L4iT-SKG51qhywfe%M;CE9?=N6RyiAl^g6NPYE4x5ef4^fgheZ^qlY
z(=dNl&&I*ZfymAY^Mmojqgx<mX6iL!zPzroRPs7~PiEI!E-#o;sbng7F%t{}NNc4H
zWlM(tf#Hf?!dUy}-Mmcw>XxKp)gYKIe^!(|yksN&Ipo{#J|>kPxI<Vw3{-?)!~cwm
z<I|GbPtOu9FWD?F=`JtErQS45rBC@Vm=*@eyYn+KIN~SqA?Y^B9!JR}BlE}#X$`C`
zw>TKSE{|-j0R2>}6t4+*l!*u=Z;`_Tu|D<oZDrld_HHum+pi$7|Ejt1D7ztCIdo#X
zUY-%(TMHQ58mTqv1roU-kS^EvvH?26>I-Gvb_ZWU3)4bw^dx-oJ7cA1_xcyZP7a5q
zUfMX<5TZZ#_y9K?T2l%6tC?DLQ8QV2c^72bp<?fxktsuglict-m?`EjUkb|V2$wy|
zK!%xObUg-|ntPkRpvm`Ge7BcCv2WC}J3i$49RtJ1LilV(>nsZA>O6KOS<X}`7PAZM
zgHvl{GtAMWYLZgrP%#GUi1&fufN9-t!i^P?lO0cM!A9;+awV!?;JDF24>OzVYt?UH
z2LfF^-M`PZ?F_2_Fv#3cOPv8X^Uo_#Fu0kfDl9^HlxUvIe81%ec`nZzjH|6lPw&=9
zay-Yp84KEfenD=a8H=LfMZU(~z0T<|oa->6>}u}{c+S|gIez|kvN=0%lq(ffxiR1h
z^LXFV?c)e|c52-TXG4(Mf$;GxahYCo3$s}*8yRSiW$@S$iseHlOh4o9E^x7K9}wh7
zqXq^H;pt!yqFzQZ*K~eI4U7%foNf&g7vsGr13Uap^U%n>TdjBCf`X|D-2V9t@EcUQ
z0O8hfil~NuI*C!><KfmT2Qu9%b~u}t6Rmd%5xtLyEibm~-o<N{s)D#o_gkY;WV|if
zx#CXI@_t}z2?xg!<dMeCXvbA4!Y;d=C>2|)4$G||1CtBt2I(|DGay-Bh0S^I(BxQA
znWGH2VyUaeVd@K*iy+GSd|!hvR`dQ$7RnYG2c#YVr{(jS^M@12C(d5oXHWXQHQC-Y
z^BEa@0}(oSG>YR0j2Y9F-Y*6?T8GdD=_Nk!Um<+ESBpd6`!}#7w~EmGcozTCC1`!^
z)w(BW&{{J=CKlrg;zPmM#@)SctJJgysRNDa<CKOE04bi%&+oY8y^QA0;Np1<5?%&Y
zQGgt5NrU@IizPH_C|1n$2tBCFN=HX!%L)q@HilS$IB2*;MtE8(kD}XjXLrQ0>u%{2
z<w6VeaQuWkW@ZL)<WbSDyYNf4lMUn43ISXc4$~Lu57@dR5%43gZVR|V=Q}5!Lq5DD
zK90`FB>sB0!eN5oX1gtnhRkQo72PAEIlbnf{!+4kn{Hv?zJ>(UULneKuxoJ#y%uYV
zkhgaS#ZSEN!Ty8!_3o-`9r{n>?$_f^P7juc-!(>R8g{qVt5Ya-+m}yv%T9Dw#WfHy
z7`rCO?hwT=3i8}wf}z0A8}eSCkP%0>5l7YSi)zT8{KM|nMtp2n7@)mHi`@wzuL4un
znGaZDC?;RX=veNo*Hg;&zz<JHeb+S5_-Ugz_#+z^FZH&Z%XeLRm}fz~!)$^9{k{F=
zn)z87zI2C)J0{Z^rf@`gov%m<2s;mCV5vN(YpFS_>u^L2O3`?~vCi6SArc1hWLJ^I
zwCN3UH#3Jd2aBRi^fR?`Nlj#U+|7ok9GX8##ogyxC2Qm3siNa%QVvj{MVZijma>uO
zht~zDtg$GCvd=a%YcWKkeT|eBydq-kr^V=t(1r%A;dBG1{{2B(PNLc-euH5_iJ~39
zj|@uhJ5r<yaRFN7he@JhI`=6QNU3+Kb!g-_109Cu<vGhszT3|$lJNGtwTvv=E6|Vr
zL4BBWBrMRh%j%4j&ZQX2LpEU&@#ed134wF|Kd@GJLkL{+g1Yt^k`)^WmDfZ(f3P-|
zCE-1{13ctcqO@I}<7!;w#yrJJ@;b%sw8N%?>Yz8*zmJx?X^@UGyR(C#J8y}lP;J)X
z2|vII2Q7TmoYSyEpLS+B#M?+g-o}Pi`J0)hkz~b?7gT6|H+m8QKEArPUffyR!Xdd4
zQZ<25&*hUNU7{w>nG=kXz>aj1#`$_%h&AiV3u_Nvr$dBQDoMp5BjsR+=S3ObqFDvD
zC84{qpU?!Bfy<6{O{=qeZWNTzGUW5xT7CR-E!O3ms*&VL#GgJiGqp5w@(FO_TlBX`
z2X0GH`E{zRLZ3NRUxJ)5B@3C0cJ*e&l3;mPVcr`py$?>#Xt6W36Kt8sCTTwN_6N|H
zx^F@J(y!dfZlbXi_IF`yvr(}NuRn<sgq4aI?BtEEstX!@jEMjc8QQVu_5P`{_U$jp
znAT}gyP*&vpQ*w_JyD~o=|KB(x}mFHuApSEjg_I?;&FZF)9$=?j$d+kW#^`gAUt9C
z*hho--HQC{n$vm3##GE|=`Ff=mmOlx8I{T6^}&RG+^|4kW}o7!3~vTTOZ>g;nv7OD
zvQRd52Z<*Ez8=|5l;o#ajvp+OHSf~^<1VYorxLMTpX>e8c`Ma4(FWjcs7aX6RE1n<
z@thpI<b=Plc<hdMr~{&nkTfZxz7Ior6FyVy45NNgc3J|K25K%V{imxWu>x)l)Gv(n
zMUfV1a*UVPaB4>(L#=u{CZ(K$ZCwIu^%e*1hM7kCIvrL=7x&)<BbDR#Yc=f}^z7mT
z7g`Z1q1PWw-Hr^mNXl;C^aPja{Rw3Wr6k@;R5CrPN?pW(EhFEXYO*w~AX}feIDZ(p
zOAx*L|9F2mB5UFppBN`H7U2dr0m;7WiGBZK=sEE`V_>d}Z&on^Q`hL}r!ySq7ah%P
z1Ua?`cjsDHcNi5USw)E`_P9-0Fo?2+n*0!L1z&9VoaAqZeMRkg>)3onRs^6b%gf6%
zS`;6cgTG`p@9zm8HAbMV?)yG4`zY9b?{Q&1%JRbRHx7~`K87u~=P8<tGSq)?A9*>8
zZDbP(8RMeoTtFg`m}1UYwSsBLBaS`1qBkD&urKCOg!~(bf|bRkfZ@-{=8A!Q;*Ged
zvk_5TWT`v*gK&SXw|FjvG)t@l+F&wU#N*<H{L8<=_yrR=C~iYQK+i@?@)V;s=6+h+
zD_`65By2YFumXuA68c%4$v3y&`YXZj;OZ;VaGcoBYwW`ET9CY-9S#c%I+T`{mb#v3
zu)5hW4$3`+UUj`GpQv#VhZ+5?&tt&rVpe$p{>!U%)>aFp{W8v~`LKdK^PexQY=2kE
zfi{n8+<Ij}sw;Uo)@%0*UUUx&UKPo9%{-Cs?JGH=ZGwh+YJ{jy=8>lS;YkWe*{Ex!
z$@EETttG=ad0)!O!ZKatKshRHHJR5y*U_-RtLLJa?+6kTr7tCFCD1-c<pwkEstnbk
zl1HDytwB6pz-rKslZ9p$p-kTQ!`j*^RoX0VSDVd0;+2$NOT())+9x{BosqV;b#B3V
zFyzh9!ayH}V(-iN9=cCx>}Efl#jgpR%1Tc@+rP!(O^Lk2KskN~)=j@vR8)jG+Kovp
z6Z-q1qoW7Jv2=kw^8jN9loDrl66__uq~WGBt3<_Jh3KE@!rbPML>~mKPQWehOvO<K
z%R}7CQPEM6o-)O^x0ykx5%r6ENMZd&Tqlkv`S{msqGrZV)w<TAi0m#eGzQBS&vDfO
z4H0Np8lKen5#8EptTh{kTl|50!z@3ZfH=PsX1%k85cCMuSl8UF@froLDsJj?e3Fg_
z9?Yy<>AdDu()(9ab2$D<+#;TcpV(ooz&cX8PX*t0FXy4fixUPmUsPG`4f8cE`O5x0
z+3=~`$OcSi<-+Rx#3IfKxF4xxGsSX()HL+rba4jlC(eMoZ2fS0g-_0?-1i5}-LWNQ
z1+0s0yys}@S*+GR)5zt@{Nv6?X3dxPRAEZ<f)UWL`GTGg(T=e50<Y^en1M25GFK9R
z_*|SEUEU_fe?kg-P=|+wlcJ<k&YmhNpMQ4f=)v}q5n5@gOhMhe%MtaAZ36Mt+Z}0#
z=1HLhJYc7vgD7kmN13M8k$#F{X=xBP-+wKbtzyfmOGcPRupNV^sFfSe-Zy@~dRj^y
zZ)w5(Dp?EvQbHR_4=<2vQr$G85dDH0v!n+l>BmG+xptLw<eO8e#p;|#83sff;HC|y
z<S3f?<6pdv#iM5(JDR{>9Cn|irK>M+rA4>6Mh;P;&BkpLpRN`s9c7BmRyF3%d%uvt
z>dkr50i4c<u==r&gkLSmD!NfOXCJh)1;+etfn}S2N}&Y|jGC@CSeUAU2#_clm?tgX
zSKBJ1u_B#}0RhUaP<e;BNHzA>RaQ!O-%C`|r&1g;BV>d^HO7h61^&zyj^s62o;6Pz
z&Se|3b~|2;i;^kq`2}&f?lZi+K}AYuiQIMM>)<C)hxuLTp7?_`Ax|)R!ne!6$hn5&
zE9r2fKEDo?{Wbcd3qI&?$&+7|sKRawS}E34wb088ZeL{ERb9N^RQ(If?J$c5u171O
ztos6+Yon$?*vpA&QfWhH`oh+?#k^sBGBI-*c+B7CmwHKH8d@m_!iX2WM^mt=hUZ%#
zHUHA%Z>IwV4Fye*>o$4LIQ{Oe+{4ku+UDrVpGZT6<_oib2s9D-nRkPJP@9+|e9@I9
z-Y)s;g!KKa5@Tvve(|m<S$o?8&K$0u&)?eyX>!!v!)36}|MB{sxhCyh8EY#ba7e72
z+zW=2qK1}~(fq#{TAP^Wyc<k^{nHyFVFe6PcB<K1;F_W)Wjx2v`<TgrUpMzv&zxA_
z=dbUjAO~dVvDysN*a|+9NI$uibkg3cm|=8Ph1#~Wuz1jIU{cN)Uk^)$r}+4I6nt5E
zW~Z0tW#9Fk+>=vpr>MQQpC0SxSHdaHtTzrBvuRSd{{{8wV?;ucFWL5dMKW=LNT2=s
z=>Tdb3#1-_MzDiz4FFkI$Rw#_As61c3;WUP-C3U@PyrAd9)*^yZEXdYr1&lOZbpsJ
z`Y9rDO?2_omBP(gJEZj)upR?-1Zao6ikEKAJeN^&r$-{j6SDX%1oiAbz@x$SwAIi<
zD00Nix(xl_`kC*8#~GN<7}~%(gU+mS1iCI@q*+u~I__3)^D2{`qV4T8`i(7F0q`<A
zqCJWku)RSDU)XnB_(xeFGS~Gao22z?><}i6kWgexOQN;Y2m#|^!$Z93d<_P9pd(3n
z%*3W37GrT46DpUbIb~u+bUJqlML+v>LiawVI768)+^57|M(H$(zXizN3ODfpQB_UN
zMwqK(vL2ro)nBb>Fuh`u2@ZeKBn{wSQ~~f@$XDucGI?m9OH05hFOhEp*e9KpPCb8m
zjchjp7Wxd&4ogF=U4|pwQ;2H>2`JyvYMPLgRlO=><7vjn6#^I5mL9|6?o)7h9llRS
za`{GhA4I7C6?qlb?!Fc_8;%3%kO|9i^PZPD>ae(}ip7s(7e4(3%!e<!16!beDC+87
z#m60+Z*5-sj5h+0(rU~m?CGL4^yH)>)K-2?JNXWRYbYGU4TQTG1cH}}%ad=hn!8#y
z;grBlCq@UpEwddg$GI=yjg-<R&zY63r(oDlR5EP5%UNqH!V&uW1+aO4YnDqV)~6`T
zd4p&E14o47b?C7z{k}s;HcI}GACKCfR7-d1jxh9i13z%nMnZy9=i4wr>Sp&oY90XS
z@QhD7QUWZBF=0=lkF)WFloz%YBlqGc02;hdS~4;+f<7Oyb2j^ume|Z;gO5*Z>7z&0
z#fO1CyI$3b+Fji>>$4@T$H82TY>cu93U0arf0V8H2!d%X^#951lYaZ;bDer_ZLw(s
zt?lHndy?ESqsK7Q@iP{R7zM6C&Bylo;xN=nRWUeq=^}w3hd1s<g?!$N9X=D0p93S*
zOZ;3b=Fiw?v>YE(o=RhY6s%KwxYy!NjZ~l3FZ)D_*zf*tfZVJ({2uT7=h_x1gH992
z1T$}nMQ23uldSH2)qM)njhEVoJ+$MqM^N&oIP&Y#W3#=Mheqn$;v(|a_ZK^rr}XhC
zNefi=TWr7-(A_<Y66>4c&1y%_hZp%F{ffGe<8ItMJnW7y`x1(<LWN`t7wb_rdRbmO
z#nQg=Z|$>t_=byfvn~ji>j~LcApDY<8d|M2h=t~xlAxJ&=pPtr+y=B<3-Q1v5!E*F
z-~f4jCn}^@MW_x@Jb_3<r_!iRhq1s@uSKvj&4Z&N<lsQ4%(xdj64u*&O`su-+h(qw
zy#M!3ERP*#M{M63)DmQMh?Zb~p*7B7-e5~w(~gJ*-AT=!2Q2j_dR0CR#@T=L9*n@I
ze)1Q?CFyNp0&W{xGcZp1Ja}S@$8L^XzJ!PIz5Q#p;CpVupYU8<%;-3^<v_>D-BM**
z1n+0cT;}qvU*3sgR*R2%ksV*<tEDASyM2n!79o<ct?8&aEaT^d@_$dAZZ>!y^XiiA
zt6l288jc|Yc}1+!XVX|JXO13^|M)A;xGIg~)Oqc7nn}!1vlg;bNtcW<vpUy*GLJXM
z=I!|{duhAiF17mxL?77hCHB8puP%R0L$NLf*NWVovf3GZ!#0yWgjGSMw|eJ;3Z-RN
zDE(X%&&O+TH56sVGs7zU=(N=Zi9Ft^38|ecv`&#a(wmSz)(@Mg{%<c8zjyd10icGb
zyoj4yHj@LzD93B9XM|&(!J}f!E`l5r^jWQhF})l)9;8THbzO1bm_H^uD)Jf^d<z-4
zIm%^D@`j605;jGkS329Wr~SmZAMDkYD$?O~dHBTRoug=@3;%V9_TQ_7|C_<4wNNH)
zrt&-yIIpW3et=!TW!PRuN0rbSjb15J3LH0Szttd0mE^tu(XsLU(ZNJKA@UbC5>g)r
zhckW?qIqtHFA?sQlkpsAu*;m^n9eN{ca)eMsFYL-s+@c4zG$ZHBN-96i{%=c*NE*l
z^C4*LRfJS+8S6iPd$|8)igyVj{m>W)sGzC2x%JV|`qZ5jUgf)3ZeH#gtt~lD{N2!T
zD3IPur#49+x3Xy9U2qHBqu+=W7mBYD%(Z}bebKWtV2Hr*{SLC}32J#S4>Ks+kz95g
zX=5aC)s?(RETcuOeV3sCMPx!ceYk77p^xuBIa;qv31$cT<0lk~fGv6gT)$1eJeJbE
zIxN%u$Ts%hS+yGOd|RvhvAfT>yH8Z;^ZIB!OEg)&Ns{RbU0Vpoa4X3kFB-GDnwi&E
zBWBr_op_=IKzXqMIMA!0wEe-S(J118z>%D?W4fR<m=03^XIEp&N_H5C#0vCMx9)`T
z+dW}UDd~(3>+@?*GujZbHF{VhnLl3CKLpec!vgyks5v;}^b+&%f@A4e4H!yp2WEI>
zwuq3xWv|5FawwlV(4wrEn5H~$kiYvD1wGp|A~Q6QuvDoF<O4yL1%}YU=E4><hypRM
zKb)?;uKbQDevih~<n$h&B7eZSMo(!<$*}L-3GS-<)cOzw8WvhO10%~35T``*PfOzl
zMNyK$%jTo-8@p^29L6XR6EUzSUXCBA8Z$s0^J*B`FHWSfN=cuHL5pLfNh~UxHyN~5
zSA;9-DlC6LukEzEocWjR)ElG35h9AIaJoz~z_i`M5&q`|eV7+g3kZaw?B%pzyIvNj
zN<mHOtm*z!J!yj`<^11D#=l6-IQ`6?t}B&hXqwzj2PZ;=3voPrmZxEv?MA4U4Nv_h
zGXY<PyQE>}+Rlcp748ydN5uXQafpkLzr)Y#(c$Kj)6oz?T3mb{l5sHMur0)Ma~QxU
zAQQ-+tq|z2xAv{H3H&dS`|Fk+-`d5@>c#HO0gVuPwLEZ1E*~J4)*ZU!gu>`SW$_Sz
z#chOU_Fg;9%2;aRom$vP?Q^l{@p5*Bx8^3IgNncYK@f6DD;~Ydf53ht@0(>x&Co^;
z#U->99c>(?ZIl&nFVB2o#F{9=5~KgdUq;jPf6pUYx@V)oF~R3wRm3ZJi&1wG49*Rn
zQF>EDoR=Kniy`_x)8hk*T`>OMZ!eAavTsQm_N)I8h|@S7rbGwpih%xV`;NID>QR#<
zTjIYHUp$(GppZNFrzcW-yj$Jiji9C;uXQl9?5(c%$NaBua)nIVoEhZU)BGast*v)u
z#U2^2ykCOu!mU|hCG(2z*MqXB5dPFB*?d>XOAzg`pbE{+dVq*CZM1NQ(+0tcGkSDJ
zlwl%wjcv{9-QcO#ZqLfTk0G)OlHsH}fV^hc*W~-}<;)F);R69d@&5aXN&+s2J6`-T
zg>VUzL=S$1;XiHCymMsNZenSyu)2)D=mD*J;7m^DGN%zlDT~ji*c&Qq@TYHPE?b6B
z3B)|Bbn+~RPzb&oX%6I~W>gq+h0e=DmcPCgkYV(R69!3-Bg|l&6KT;0qc$xSRC(8a
zcfKlD^McnBiK-JPKKk5fwFjKuo&|LEGP8A+G<~Myrg)wTP!$$Ty18)eJ*Lt``H3sQ
zW?T#}c@Qk@73Oba%zV>8{l91T0tO^Jbr9DBHv!Y~$duh%^-DDTyr2<s=g*_qv|h)D
zadk_(ZVXH}9cIL@c2cc;7(;q;w4z0n8s81Zhaj(`qWh4mU#X1&6TVQ|J@;R%vfpz=
ze->cEHwp3H>~h6_a&Q8_ZDx8O%5BU3>oMlTif)!I`a}VPkqPCi@m`ugq&k~50!^c-
z-{QF8q%VntLS^dTorSYfvAng-_du2$<3Zflm@|_rq()gCHdREXM^ac~`uMU6#Ag2-
zx<u&;H$!NU>cm1CioPv`pdW;D@w`D1cgG*Mu#SNoQV+e}X@f&HOQ`d<%-8w?OMs1r
zz*tMzS2Tu0$mK|7Hlm#8I#||1Qy)kVf+|=f4=qzFo&TN^-``KAr<aMH^9FT!Xv$OF
z)atPMrvqB%TkJ68AyJ90o%E|c?A@Z7$m=G9E%_B0B_bUln~dB{Mh8j_>mFNGKoUhH
z5?XHCL&sR7{HiA9l7g6nXPb-P#s8!m-mLNW#aF_w#o|HDaom_<PjH#M4zpCUS)z64
zEvi*Sr;ncS#wiU1$Vme9=Exh`iiVWNoRb1Ic_KcL{QL6rzqROqOFz$!-)r+es9s%L
z1gm&F%m%JT<L^QcuA3Jq=Hc49ashF@?2rMj-sK;&o;Sr-6np2WtP`;<Y>$dT))CDu
zIhUixffH#iiRl63x?11jN4OCQlGZ%Ph&>_ZlNAKzm0&8JAE?I_VErXoazL6W&E-cQ
z)G3V<9yeyf_AlFULYr``{Az9Q56Nfu%!ce}@}?3~oBE7H#uQINs$#ESB)4t<tvy`4
zOmV~;mjQQdb`)tosR-gYaTak?bE<uhvBNKPhsG+Bg@0-8XNO)#mAv6$X@%wAsUs2U
zuKQ};?MWkKZEgSKrIq7v22Y~fVORXb=Cf!ptaLNQus)(>)Cll!zxiIfeXg|$$V&~E
zYuxUBBEq-sEOnIM+~vOdXBs8#?B<bBgz4zDz0lK-wJ~J7rpp07p7!EtchpDnOjM%M
zFR{nEV`5OAp3~KxmLZjc8nxU>9;tj#r>5iSPqGnRO_j5E-1Y5=wThH8v3FweD7+FQ
z+Vh~rky24>-tt7sZ#jSqYi}b_zXxt@clXbcTyJvF6w^#?M=<8bT_!yuy@l|1clj->
zF1b9Ygqsz-hT4(Z%qeVf>asJ;rimlS2Cmq9M&j;T;pk*=-7Pe-2?V>Azo_*W;xH`c
z`upWU>hwFm<csNtJCuXCraMAMDBd*r9_KZTwbeCVT=n%wj<9zDXSOXV3yY3J>`F4<
z;;sJv!{Of<)P<8u5OpZkL~ibEOKH#6FWc(EnV!%UMv_3(12k4u{gY)OBeO!HB|oA3
zNwM?cShJ6RP##&|ULlejyj>=wJ?Hl}D50QIAyJN6I$S)ivaK`+2*K##U5|G_I$z7p
zL}Yp!MQln%n2EInnSfTz2VXnA+l7-qCFksgo?KlAfJ|rLE_Hfdd~zYVkLLjLvwDb^
zKOd{;cd!)3ve9$cub^LXcm8pFXv5l&WF4I!8HW<fe$3ls4zOjnAxQOQ)m_QRd-UoW
z8VWR|lnF{PBbR{~f5nn4A)SpS3!ZK0CNHg#gy9m3c3kz}>8*+97>^Fk8q!`(Rz0Zu
zsj2}IwTOM2`)r#h*PHR3n2q+tM(#pZljM`*=&}8pPa)Q|^GKm;<R4mI29**kaKikD
z2M4_}S>Ha#(8lmpKMG~YL4-J?<UUZ<k67R5c&BuwtHTJEDAq{hH)Ds0Q>nLf9&SV@
z%J&4f>*MU5!s&O}ZS2)#JZX<1Bw-C4G8%G!=f_;u9)D3o8t0>XWy86a(3JKToZ*MV
z>0ChWuU2jAO^DA0qeqkeS3|INb9Y<#gxIVO^W(>ily%eO`?U<CZPT|^Jmd9%a{aRY
z>u9>CDjM!^vHLeY08_N}Ma@hULjVR^EW!EWpr@-aq@(*eVE2k2W>Y-#-Sfdv(Tn_y
z<IuF!KEY8@&%vVj=V1b#c4=lawTF<9tOsxDT4&W>DgF642xH(=uPGYQJsn`c+s|aD
zKhvn|1LGW;9aL?tt4eM68UEX&wOgtgzFUu9_k3m%!$3gkUKgU<{;8&^Nlmu=fHQLd
z4<DA4`fb~XyvdMA299rGVSy&@ZoR|A;ya2v{S7$&B{_~*elgSq>15zbwxms6?E6c^
zSjfAtRI`UAmbisY#B4HrOhp8HdqdFmt{SGxA39F84C+A3x(>+GFrAUF2bojVYMzLy
z-8NDAB4FzcRLV=XK!X7-sM@{1xhgEJf)auM*~6>X>SUQgf7^T!3Bi<NjiQ|^TCVpv
z8}cAG?dg213}ZIynHVre@q2<0W&w)l=4iTBO~IgIr`t%nmc;NG&VZ%(?dbYo;#v9j
z^@HDc$eVmwBj4et0VFs_h<`ppYO=Y(5A>a$?r;s?%2kjN^_v#q2|+<~Px?K!RwVR^
zCPth_ou`>5J+}0`Bs?iU>Ds1xE2UzK740d~@V_UVN1js1xAe*U?n#Nz=k?(s<|N{j
zq21tSTGXZ)%!P|J2~!Em9p_N_L=}^XC1r-<H=*Rn+`wn>R=4X;KWwGFovp3;XY*H$
z!lTTRvGa7dGyyk!OtEV(dk})R&+HxFrq@7!X58HZ^uG&&iYeJjHunHX{0n@4ezuuq
z4*#LfgNR8dM1;Wksk||v52d11`?5H4epUqqTry+iWST9W_A_TPYG$ZTc-rzT1uT5C
zYwHPioD*pNnz?j3EEM>>&&IFt2|0Uutg@XJ0Q2*L`VOa^{_Iz+(#~+~t0jg2Ry${O
z+E<ifKjENwdc=N23WK*&=9*Sc)F)!fn9O(J%lrMAO$NPtPuEKnGX!MZhWMe|gEp}N
zM%^!MAH>Nlm8sfsPICR`2=U_mtllV|6&DZBB%MyrF2{S9@$K!B8cG4F`)xz0$L*}1
z+*nM`M*)7$M*s0eRK(T24P3%GCgPDjR?@7rV6ECFP`T{Yif&@MbERAt_i%-7M(AYm
zMbCXNq-7&;LN!U_y~}1o=J2mzSi_v_3m1(2TIWxDUcV^Gn)bV9{R<6NvF?+S%%?^9
z<%I<}7|OGe-cqyyll!VffrF&B|DGt^@H>S9O8P4!xflq80qrJQ46$BpK9)-qkFYss
zax`1aMV%UquOU5R4gEc?2YN1>0&W5>r{-Un|Im9q|0)$eJ-x4Ue5KQ_-B4QcY?86g
zUo8f{ISQV=?#fQ+kbWyK(;%M3E5P?Hh(EZ&J9eZ>GYj64$0*O1=}DKu2<_sE4y6YL
zNcNJd!eMRyM7$8QJd^}H&A)d+bwa+^_HEWF;VgSR-UalSf!92cC<WD@Dj=J8*#OeB
zdUPnzjWA!P2d?C?8vpSQA9!~zSX#n`%5({Y!H-C0@>m_*g}fc4O`7|(Pmj^=G7VaW
zwp$nti4Wl>Bpv@3&f!g}nywya>3qi8S?B<DBUhSL`%h|VHC@T_{t4YKP0&Ix!8uf*
zQN{GEc@pRa#6#(OC&rI<GW5Km0H!=B(mu#BW&)c>>?o(<UoA|4ri5AC&$udLuV`y)
zYu+!BfJ0KTZ2~^l&Z|eWt{g+T^vzGuiFsnzM_m#4Ey9~mV)0PI0E(WM@o&>THiS<{
zcgkSRw}0DaRHXhgN&=>6g_TT%>bffIgp!F|mN!YVva&IUDW1d`dgax2G>K!!{^VZh
zPdvqsv%|bw6cj%DG5(|-J|VxQ7tl^%6&br~_u~U@UQv3Pycp9=af~5nQ>3n&JoF-O
z=kYo{et>|i_s2wlsU4(oKUbp91>>#WlNEN<MFHwpJ=>>9nys#9L|}6>jQw2BznO>b
zmh*^ACQ<}oX;QPH4ydM-Y-E5w421xpA&fRZM(lSTCHVTDK1lCx_On1^UN3LM>ON?8
zuh?t<+_dwnOVZdD=*r7^w5+^*%>PJ;4=}U1dnL`u;d7VqO)1A6=0oyj@p}knXRDu*
zJYdCo{+sdF%M**eRrB`2{JB2OMjGclF7GDrxUXsL=y*5{2nedmhVMiDw3QlvC*0vY
zLNHz`H)x@E9B!S7b7JoWDj=I$v;Gyxl~Aw!z0~N1wAZ3@on_Onal_#3;dz>vAkNqp
zsYbqp>!`civ+{eFC$lxneRqNDj;3@D$Xaz^Lg7k{(@az=^^c(^!P^9@->O&|hki;i
zS9;~5S^P%o4<v}!Mm<yqQtrjs%j{PeY^?O0A*MUI&XWO09;}RLHY4_y<10UH&x_KK
z324(~?@+qce<Ok$aTM+XL8O>Qp9cuBJUlwuo)N|RT}Xof41CX#5WxF$y_rZ2tT=OV
z)0ywu4Q`GGj1(4<o*?NJ^8{zRQAxY&Er!o~2m>`n!MQ|!Ce+k_LtRx>92!HEA|cCE
z?4`(90eS0-4=*arw>?tJ<7xWH3#k*SY!4V(&EdrIlN=<c*iy=qeTwjhlbK!yJ|4HS
zZ-<l5N+v^5#uk{Kj)+06=M5A7`!GQ;mlMXXPv2GFf3tgCz}Ov(`-PvQ-?yK28+Ev!
z%xQ9T`iV?;`OhE5YQ>Tct#IryGBH{1k1~CT+l}ThX-*a1%%SGSfBu2}JM4>v!|Ya5
z@<~Zabruu&<bdm3^G2eeRIb3Ih73C=;y+1-Qa@{7>pZyFn;yD-ZVuBqH8}d`Dpp+f
zTi;FvFsf9O9HF|k$mL_1Zp%*s2Qq)i@!%oJCvZ7PZ8Nbv@RNf$YubuM%p8=>{SC{p
zl}tzxk=eku5_DW%7r|@E%n*U|bAs8C=;sZwV|vrK3OA|EpA|?@E%Tq7nUE@j{rD0F
z)MW02_#-g?zKW~Ch3>RYnd1D+U0>|+*|)GV(Dp8K&?_nSknzK;_Gg$>FBxa+d0_(l
z+j})sY$_^Zc!|x(fRJ`H@_1Vx*noWmB)F_YvF5nL4jPMSi`hqC@s)djIG_2}*#X#X
z9x#f*(C-l6-spw~AZDh55)%up|DDI(gZ4Ka7IriNR|f6J?|nB~QeTMm|H#oOne@Op
zU#zz+MR(u93-3Jokc8DH&N)vD+6C?o5u{oX-ok59E4u~o8yk5Wv7!#vOFCVbYCQye
zmGZk&6FG0MGwFkIJIYi}?#FfVQH{U8jthRgIr73dJg{O<<8#V+yq#CInmf7umfCsL
z&n9QXYGYmXz|+F5uFDZD(5PxTS0tb1I?gz_=R!KtcO&dCN&ycKk3?BkTYHq>^B$Ys
zB;;&}2n_71&%cwZ)TwPg`iQCRh`nbCcEW{t;p>P=><{g%r8T;w-D2=r7Ij)^8&yNU
zG?#Zp#?fydYG?v}b7yUo0eJC+q0Wm-9Hj?V{BL$gFYakFebfE`EOt$ZzQI*Sqgj>L
z7;R%eZ1U)-hpJ8fyE0}JCuwUJ>xySKpVN?VM|j2n74=7)w+LpO%S%pZ;IU(_Qhv_!
zkw=<3homianj;3gVKzDF*c1;`1iZaGW~NZ|&4|D5U;;WRDCKMit$MtU8V+O|Ap>DY
zHufOuY?n^=rAgw^m@}qjO+9Y~lKlu{9feldgBLKQw7%uOUMzC64@*&GbgxV7VKd0+
zlQ?J!33VRVS`20@Bbh{}TDR@0C;s0lg#=Qlwnk|awU;1gKri3S`1p8Usye;3bh`5p
zX!vXdTX5&0vijz5k-O$QM{8CE56@*kYK<{tlcIva1;Do3qpGwXGfAVvUlRYD_7eI@
zTSaAMV))4eqXq88`rP$TGm&Yjuv@v-aEm^*;@Rqi@GF^wvvCayO0%ItyEm8JtScee
z7=~_W{-*r;obX{^g($`H3gV%NacsB{iI<;H>F(j-!w4CfBsLCqC)f8w9-XCpo$4KR
zO#*tmg;o1?ztZlq+T4yV^xCd3-FohSp_Aklz^D?<VUOgiXOxOKP+~lWPJj683uaS_
z5J}1Am)BK@EeobG_<*<>o=XHF4%yZ*%fF*8s{>(i>+>4y49fHj?d+XZb?x5QxnEpi
zDJl3i5pzMfoaRW7-&>)H;3<}8Ax9((Ia|a~Zs9PwCLj=P=e15I$79JCP@aI&x-%0v
z6}y=n1Ik@*s&siRPMu;S^M97b$oZwCA-N01*7NCeqDzDfm#3d!`v5wT<rmY^PmIfB
zYdOep*ZL{l7ixZHb<a<Rz0jf$UP=#|H4i2CH^_ODIZ-S%w2DH))lC<x?@QrW#F(Ij
z6K`SBp%A=h7V>CaL2DC5O^eV6{J%Q9P)bsk=$LGNSS{5V8N>l&v^w-$A3Dus1yG8G
zOM2#W8@@EiWn&fD{7p))^p|w|Vwfy>WGjKOQl-0tKGkM}z-I>=fgLrfZvRIqse-6<
zK1@ck(gpSxoaAA|%fr*``^?MgdK@Nt?N~-XV}?(ydDLqcXA#YfrhDzsAXic+E6o5<
zEnh9D>l0zZ76yp|kxj1C4-rx#82$i3BeTNQP^y!R3m32W-!=Kl6uJvjQdB>)vppI{
zA(*<NEm}e{muhP(1R<R-S$%H{2&*{<ZPpWZ9GGJ9XPtOA=YZ_S)5(ZyeO&U=_z^<$
zqO;EDN1yvBSm85-=>IZc!`@GhX5esi)fwp7o6g~Vk==ag0<0`HTEz9WcXh;<sQq&&
z(e#p)4)oP49xPC!RhcDnaET0j2QR_3x|ZckoG}lMOgj5b9cfsxT_gC~G{03pKpPa2
za0-4ke9#PZG7dcEp=4rW%9@%IuS~X$2j`yjG?`eD!6&CDGs}`i&>X85zLY;boiF{s
z<Jh>|0r`-!Ig1E0|Cy@tE;=-c_#^s!E`O409QfGnE*PN2=|%A+xG&Ffn!7T2x|UP}
z25F+pZMr(L_Io`QQM{_pgb^Y<eCC}L=A`E3%x}30CZ?q`>n<fGTK%x&XSHh3(wbIF
z_1#cIl=Dt2W8o$l(o+dhI4LEXt_5L%0b}yDK@(%93*Vp+4l`eExp8%p#*c^rJ4V=!
z_6*8ya^E`tM^~PY3}ju@z-n2FS@w<pRE-X9f@xtZwU)n#XQllP&1!d$fY^hIlwer@
z;Q+DM2_aeQq)Pd=ZXSD4t<XELM|!ul@8-o}bd8wHGG?u*ZS`I_{r0w-4ql({;>~Ef
zW$*0B#8*WSXA14mK>~WUTBraVxt}sAs)^7*BulHQ(!i1to1mHRefuZN#iYQiERN(=
z{w@z7zqL7nX@1m$34P9WOl-UV^mrCu+sF_1{Ua*-id=m_lVb6EDuz5UEu@1lk2lpR
z`2Jxk_pLA4=KWt!>qjmW-S#)&<0c*-`gdM7zoPSuJij1>Wl&;7-e83OFMX&_J76Y-
zIZ7>zbZ0O4AQ}l3<wPrQ^W5h3XXWhdC=7H~N6UA+dr&r%$I|l^lw-Zi8czK!4}xTW
z?@Ile>cuj9elGODCZFkuyrc-`|5y4m4wZEJA$I52>wiT+B_xoj1g)k%K?m=Xiqf<_
zM<DXUG!Sb9DaVs-^zr{Z$3$cTeEt>RmvW|~;hjay^<T|b{x}Y$hX3lFb{^#OL}eAR
zCBJi@PzIq~x;yqr#S?pfhH2$n6`YB_{y9!jwSQ@H4}1KM>DN_hBodZT0tE#{>;Cn-
zySb^mg`k<M#m5JVlbwT$g@c`igG-BpOOS_Ckdud*olB6NeQTsQ`u{O-a5A^C^!fiA
U)MR+`eHcK=e^rsLku(YZAD8FA-~a#s
--- a/mail/themes/osx/mail/preferences/preferences.css
+++ b/mail/themes/osx/mail/preferences/preferences.css
@@ -44,22 +44,26 @@ radio[pane=paneDisplay] {
 radio[pane=paneCompose] {
   -moz-image-region: rect(0px, 96px, 32px, 64px)
 }
 
 radio[pane=paneChat] {
   -moz-image-region: rect(0px, 288px, 32px, 256px);
 }
 
+radio[pane=panePrivacy] {
+  -moz-image-region: rect(0px, 320px, 32px, 288px);
+}
+
 radio[pane=paneSecurity] {
-  -moz-image-region: rect(0px 128px 32px 96px);
+  -moz-image-region: rect(0px, 128px, 32px, 96px);
 }
 
 radio[pane=paneApplications] {
-  -moz-image-region: rect(0px 160px 32px 128px);
+  -moz-image-region: rect(0px, 160px, 32px, 128px);
 }
 
 radio[pane=paneAdvanced] {
   -moz-image-region: rect(0px, 256px, 32px, 224px)
 }
 
 @media (min-resolution: 2dppx) {
   .paneSelector {
@@ -77,16 +81,20 @@ radio[pane=paneAdvanced] {
   radio[pane=paneCompose] {
     -moz-image-region: rect(0px, 192px, 64px, 128px)
   }
 
   radio[pane=paneChat] {
     -moz-image-region: rect(0px, 576px, 64px, 512px);
   }
 
+  radio[pane=panePrivacy] {
+    -moz-image-region: rect(0px, 640px, 64px, 576px);
+  }
+
   radio[pane=paneSecurity] {
     -moz-image-region: rect(0px, 256px, 64px, 192px);
   }
 
   radio[pane=paneApplications] {
     -moz-image-region: rect(0px, 320px, 64px, 256px);
   }
 
--- a/mail/themes/windows/jar.mn
+++ b/mail/themes/windows/jar.mn
@@ -133,16 +133,17 @@ classic.jar:
   skin/classic/messenger/messengercompose/noise.png           (mail/compose/noise.png)
   skin/classic/messenger/messengercompose/format-buttons.png  (mail/compose/format-buttons.png)
   skin/classic/messenger/preferences/alwaysAsk.png            (mail/preferences/alwaysAsk.png)
   skin/classic/messenger/preferences/application.png          (mail/preferences/application.png)
   skin/classic/messenger/preferences/preferences.css          (mail/preferences/preferences.css)
   skin/classic/messenger/preferences/general.png              (mail/preferences/general.png)
   skin/classic/messenger/preferences/display.png              (mail/preferences/display.png)
   skin/classic/messenger/preferences/composition.png          (mail/preferences/composition.png)
+  skin/classic/messenger/preferences/privacy.png              (mail/preferences/privacy.png)
   skin/classic/messenger/preferences/security.png             (mail/preferences/security.png)
   skin/classic/messenger/preferences/attachments.png          (mail/preferences/attachments.png)
   skin/classic/messenger/preferences/applications.css         (mail/preferences/applications.css)
   skin/classic/messenger/preferences/saveFile.png             (mail/preferences/saveFile.png)
   skin/classic/messenger/preferences/advanced.png             (mail/preferences/advanced.png)
   skin/classic/messenger/preferences/chat.png                 (mail/preferences/chat.png)
   skin/classic/messenger/preferences/background.png           (mail/preferences/background.png)
   skin/classic/messenger/preferences/hover.png                (mail/preferences/hover.png)
@@ -409,16 +410,17 @@ classic.jar:
   skin/classic/aero/messenger/messengercompose/format-buttons.png  (mail/compose/format-buttons-aero.png)
   skin/classic/aero/messenger/preferences/alwaysAsk.png            (mail/preferences/alwaysAsk.png)
   skin/classic/aero/messenger/preferences/application.png          (mail/preferences/application.png)
 * skin/classic/aero/messenger/preferences/preferences.css          (mail/preferences/preferences-aero.css)
   skin/classic/aero/messenger/preferences/general.png              (mail/preferences/general-aero.png)
   skin/classic/aero/messenger/preferences/display.png              (mail/preferences/display-aero.png)
   skin/classic/aero/messenger/preferences/composition.png          (mail/preferences/composition-aero.png)
   skin/classic/aero/messenger/preferences/junk.png                 (mail/preferences/junk-aero.png)
+  skin/classic/aero/messenger/preferences/privacy.png              (mail/preferences/privacy-aero.png)
   skin/classic/aero/messenger/preferences/security.png             (mail/preferences/security-aero.png)
   skin/classic/aero/messenger/preferences/attachments.png          (mail/preferences/attachments-aero.png)
   skin/classic/aero/messenger/preferences/applications.css         (mail/preferences/applications.css)
   skin/classic/aero/messenger/preferences/saveFile.png             (mail/preferences/saveFile.png)
   skin/classic/aero/messenger/preferences/advanced.png             (mail/preferences/advanced-aero.png)
   skin/classic/aero/messenger/preferences/chat.png                 (mail/preferences/chat-aero.png)
   skin/classic/aero/messenger/preferences/background.png           (mail/preferences/background.png)
   skin/classic/aero/messenger/preferences/hover.png                (mail/preferences/hover.png)
--- a/mail/themes/windows/mail/preferences/preferences.css
+++ b/mail/themes/windows/mail/preferences/preferences.css
@@ -44,16 +44,19 @@ radio[pane=paneDisplay] {
   list-style-image: url("chrome://messenger/skin/preferences/display.png");
 }
 radio[pane=paneCompose] {
   list-style-image: url("chrome://messenger/skin/preferences/composition.png");
 }
 radio[pane=paneChat] {
   list-style-image: url("chrome://messenger/skin/preferences/chat.png");
 }
+radio[pane=panePrivacy] {
+  list-style-image: url("chrome://messenger/skin/preferences/privacy.png");
+}
 radio[pane=paneSecurity] {
   list-style-image: url("chrome://messenger/skin/preferences/security.png");
 }
 radio[pane=paneApplications] {
   list-style-image: url("chrome://messenger/skin/preferences/attachments.png");
 }
 radio[pane=paneAdvanced] {
   list-style-image: url("chrome://messenger/skin/preferences/advanced.png");
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..b2d8ecadedbbca829f656e64080943da24f89dca
GIT binary patch
literal 2086
zc$@(y2-)|EP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_00(4AL_t(o!|j%7jGa{($A9mA-}k<E
znY+%tGxyHY4sB^08d0>eswom7@Ie+)L8%E6+%Uu-`bkMuLU4)U3n6Yq0tB#N45?H)
z25KpkaVXuUGj!~<<8)>^>)r3WpL6`s%8q`VFFfDR`Tx&zp5+H025@ZfRyF>&8`Vl^
zM*zybeaxL2Tam{bAK7yAMwCLS4^F^Gulm}BQ7d+HPfz*MR3@|5v)%E9g@vaz!yMOj
z15?+|T|F@Hg+ea3!FJursp;vLJui4_$8YZ0_rJt1y#Ds}21evhyAQQUy^sE;Enh4p
zQ`sMG`RrwPerogidVhD3WZc3F<t1~K<|Xx(gRUE7Qwa*01o5be7l=ZwX>Wex#J}%I
z#P5Ho+Nj(=`0y`g-+lK**MIX`CAn9-{Hu3OfAWHjz0Ii?d1+Mpj#Anp(3MK3Hf-E*
z?oHQRadB5qG0$Snp=G=Hen2uFr__}r8IJ?dv>oP_YSh~fmT8jhNKz`K@ce*%2gVi;
z92|XWsj@T{3b7zWP%IRSTQ;A!=1apzjxT7J-*WffJGNePnHNe<EmU#6kW5FCa(5?v
zg&b4!HJ0iw*?gW<CPONjM2e7lwT9<AC^QT+MxrB4#58eik5;omt-4GhWwE9=Pp#Qv
zu~Mhmb})1(q+(c6$#0){@t=n4II~ywzsP~T&(O&Kl2zRa1RAZD%iie;@`WP#?lP_y
zP^q`^LP=*fLw8Rv3J`!43dakm)!W#PgHjRFo!vB=H3o;?peqw288hfi#b`M$Bgbbs
zZ*7rQvo&kDj&th3-e(v-c#4UEC1Qq2vLi`0ogr6Vg;a{=Y6H*rv27dB>F(-e?K%BK
zqft-_$Mu<*oMvHh2`LrPsEKJ97^X=g+r@07hBH^e^E^TkvZkD-WqY)p_Ke~CZuMaD
zKJr)Rs4scMV+kS=jY_l0iRm$db~7||J(5bLBStKW>jt!Kn^ZDMPfs^WD&`lKI6iR_
z-}5mdl2)Tmy<U}p2xT;pHM&YAvZ)kCJc*Q&j)acw)NmZTVkoKYU#vDbr>_U0G<FY<
zsm9Wr(9xzW-G886Ss3zzu)~bUZ_JffZ|&`0)8V)d^=6Zj=t3$*wN|IqY!XE<IXT{F
zEYCb7L$S+>s<xIYZW%ps<hx3@%GvTj<jTu7YT2a8k=dq#$ZLjSMD{N(R7fWb=Bol_
zFTb9NtJ@y?^^Xs|t8-rX+~;q)SJ%y<{?+UHqyi}=p^!)^Nhd5$j*m>J`NNy`?%e6U
z?c5OX^BZpc-pAeM+!K!7w?5MyV|I4g3khF~9NzWlqGnIvdV*D@49RS9LnfZ6z2D#%
zeD=xN=JfcTRumDlVg#YY4?^NG3nhclt51J<=R3vUjJ}>y3@fv$zZl2y0%lGx9ym5A
z<_$oVqm!JjG|6NO^!5*Q%*=4;TR(c>XQhnw=(Znxd*SUDsb+JJ)3WQ)Xf!W`L<m95
zisJ|F+^+49?0>iL_wW7H>eF+L+s5bGcV&B5#j1{uU#T%aH@^e63k~2e4}M0y>TTt^
zD=+8xQb4`!<JfIgtuD4~JE-}-(~PJ{OE(PzP2|hPa&LFfYBQIO<NE>gOI2p3C;hoo
zGt++H)r9W}U#bqJw3J~bvwA9(OeQR?KOg6URSEvQ>viYVq5YeV?b&|P04R6Ha9(+i
zYU?60$rPa$C!fn}{k^>@1u2w5$Pi7_Kt*VK0;vI-0!<Nwf_$MAEtPuKIG&3g1O(xk
z?1a8YC?rBCI${R%%QZ%hjz4m2&-RmWb{m$;y=+P!Vb9RWd|$>OZW(C0iEhQQVhLi&
zB*~66@k9p^(?m!`7=}n80Sz|@uw9=(NHopBL?<F8N(hvK2oWqJ!rG$F3$KhVdoBCE
z|9(*fz>0=gTATfcMs9t5^klH17$qN%prIj^LP~`Y3K0q%*T?ZaJl{u;04M@Kz;Rt{
z$3X~zM52^JNC}!ocUtF?brvrTzY!i8``6b;_B?s&&2<c*q(n%`u7~g28I450;(G2M
zF8##$=`P)5*_PDokWffM5z=aV1fEA{#-uZ0;02P-xT0S7Xo!$x+#(1=&=h?+lfJA@
z;MqL?kHf8f!$-eybnvlf-@yZCN?Ri3nSH$D_uHP9+P32dj!ta5;?tY2UDH=4mo@N0
zjg|vRC9!fkN(Hp*ON60MA>mUPu&6tNXe>g^v@o@hW~;^U!D(I|9^KKXFaPA|;FGVt
z2S@;<6iD$F5Ipz0Z3lttPTzjdRk?irmJ82ce{HF&kcve$9LHsBYQ{M@I<afv^x~AS
zLbB;}-?;<jt9rXL3B%B7*dBB9%dNvBC!Vd=8jp>>@c7OTf|9ctPzd>6BKhm@e)>G{
z{LI$7FVcisAIfmG2*Xw=)uH){y>D{&A6<ZT>#nw@&N+FpLjRajG6hUYwDGaOKRyKf
zf7YDdeS>=NuFjQ%Ql-w!^A$4yZx!Ln7&zPOD`r5Q9ULoXK!IFI14l<ESt0!ogZ}{G
zj`Z|;-q?Bo001R)MObuXVRU6WV{&C-bY%cCFflYOFflDKHdHb)IxsalGB_(RGCD9Y
z9&;W*0000bbVXQnWMOn=I&E)cX=Zr<GB7bTEif@HFg8>&GCD9dIx;vbFfuwYFmEoV
Q`~Uy|07*qoM6N<$f|2X(Hvj+t
new file mode 100644
index e69de29bb2d1d6434b8b29ae775ad8c2e48c5391..46dd12ebab4bda527466df465a113b3ff34afd68
GIT binary patch
literal 2074
zc$@(m2<7*QP)<h;3K|Lk000e1NJLTq001BW001Be1^@s6b9#F800006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3ljhU3ljkVnw%H_00&q}L_t(o!|j%9jGR>&$A9l-E<5+j
z?(DTKZMOxaNh_La(J0y&2r;3xMv)K_@Df5njR|O^F=zzgV+{n+1Th#>DYda+T4swj
zTy5D(=?z-yZrS_J?9R?RGw;0DbB-UjatA+|{lfG4ob&%b&;LBn^M{WEI5TvUI(y*j
zYALXFfZqNAX2xGzlH|>8+aA6IHI7mrUVtrI9@-d<n%^pQ7p_PoqpMp@=j`lE?FlK>
z*$a8B>F&vGOQ#bTyPki(GPCf4?}vZhyZ4rtJ_>y6)(6&_5*{Bu9Y^~B{A;dxuqTs?
z-FfxqHMd`}vCk}(lEh;sju&p4m~3sT%sHSSpEc<#nIxhLyDd7WE6%5n9=Eo~6Tg4R
zZno~*x9|3;_k;iDS~PyCZNF{z#1}X9^q)O(km1++Zq;>F1xo33;^KAddau7`bAM+(
zA7{2^(`vhTUO-1jjILsuj#v~a1&xNy*yIAWx=qB;DP&_TE5&IwHU4p=Hh1cDbyu_L
zyarUH)VjKRa#w!-Q<-lZKHjcqx83&m^LO4l_&L`zn3(Z#JV81Yp|jXQXCcbSq{Up_
zA)hOd&16Vt5=aqHsn%%QHbE#rGl|8LC}q%Sv}m?kH0pKwi#qF8CYY-m%vm9hE9r>o
z^c5A!nB>>H>PO60+nvg>mseiiL-Nw!(bXBn7n16N#mRFmip5S!UH!P8qGtKnZAr11
zqQ9??KuA0{z;Oc>7HsBgEgUxl6{Aq-rtU28<O@}nm7?TRCi%36<4I1Q_gKHWfNi@|
zrenL~uROnpmyeB;(VA!mB;qkrnG~h&<tPj+%ft5tji!SiO1kEgTy#;9NW?@bMXTvD
zGCEJCY5^LFjtHiy6OARv=F`kJnv7Llq?Bm7&f5MC+ODE)yOXBlxC`d0NBGKyI3tr1
zGhz}7Np;rZ<nbxm?Ut|Wx{=G~jAAiIv*lvdn#AJ~N~H`!2&QK(&Yhb96cJrxX0l4X
zZVM@eNT%}9<;%P2F6D{FA{aX4(hiO%X}8^)sg!nfa@JvEZ;akT$lsnBk<(L^P}doY
z#loHQ^P@+Cz(^T}xiy>ZzG40P^|_kmVOec*xi~>6u`C<k3y4J|ub(|rv+e3{l?sQV
zQE5kwzAp_Q8M(zY(|s#e4j5nkLQ&5qbWV&*g%HE0=ebAEk6CQqlw-noXtk=t#bWrq
z`|tn$tMBQYzh8IVb-y}wD)QpRm#kgk`5~Sk5(E-mK_(OBjWZ|CB$J~XcJF@FeaF4S
zz<t}d-*b7>ntIG_$3KzkPBJp#d5-T5>*ewt)yDiAG@Bs<JtoOS_L8oyME!#X$F5zw
zrd;>j4_(I#P!i7x@LZpG+{AP2z;$PDc=XYCfxi{2R;A*JM1DnoF~o5~&QDm!hK7b`
zO+aPMQ~Y~uBe|SOXJ;WZIpP27XFDFgcW`aTV>jM-W96L>1wrjO-)q(azt|my5+x<N
z4pO$K_w0FK_`Se8ckWz1H6^}1G7|m4ise1Yx&!tcOij!`3A=>`u<wB{s}pnI;pT5%
z#L?FRW@`%157hj8tM0m<B|>RMqO?sTZn$2vSS)4-ip4@~<;oJiA2KzyK(#vORVwu{
z(=h9y2*NOsNliC%$wVxh%cV2%j+oY82wAtR&7by%&hsyiT~;pNF=_&IcbYtR>;P|0
z-b5;)QK{=>G6}6%Nab}y&l`q@6ben(Q3|S63n>+mh=EcHAta?zF*Z23Y)udZgyG^`
zS4ts5i4YPYC5gDlR8{fH$>~3o%Xf^zg>Bf=+t1q4Kl#g3le4ROA)*I_VTkXC1c5+=
z3Z=j>G<<JScO?aet`Uowh%m%;e8NDWYX+vFfdVNN3WZXNs3BOMw|VN>=Dh8+?)|Ss
zIzTKM5;d9}J3VpJlS8w?73(xg*$^QFVHhGrh*AnEB)0A1`5{8c3w^C4rNr|B9M?mk
z01a3?ucV?gWpnw81rEMwi{mG!Z!VX2jK8&x0hC-UQMvq+{Ra16KerG(vhC_pdT;<H
zDll8u2&F;@jaJJ68PJpS=*%j7FQhN;F*>bqoq%Y>L`sRSNqTZ^`m$|2$7k=5ZND&F
z`R;+CpYD5?A6OJiBITlP`^!ImB2@RBJAG#U?khL-Ub}Haih(sIL1@xw`SipsvIzyc
zMx!!`2m^XEHUn87+p~!zGIT^0CLWE3&$EYpo;|woRIT3p`Owgg_jQR0Af-Txw++G2
z&|SxXEmr-WtDbo=dBZ0!%Wqk=ES1V7HM}6o(Nng2dSs?ttBt-1P{_oWUAiW5)#`qu
zBVyHQ*l>Q*v5&pp{HxWp|5z^Hwg1CR$%P6ignYjvIdJf<r-7#%wO@SZkg2cLl)gek
zwouxuo(Nt#bm(puU~usE*!WEEXF+Yyl$O>|V*+*d;K3b-f&c9_Ck}m0J@}*I(wS1F
zBvQ(yz+WT)Z-2t2A)wUK5>UvGwB`SQ0t)0(5;%4GJWGWCaqu7R-U(EL`?_BM001R)
zMObuXVRU6WV{&C-bY%cCFflYOFflDKHdHb)IxsOhF*7SLGCD9Yn-J|I0000bbVXQn
zWMOn=I&E)cX=Zr<GB7bTEif@HFg8>&GCD9ZIx#aVFfuwYFzQWJp8x;=07*qoM6N<$
Eg5%igumAu6
--- a/mailnews/base/src/nsMsgContentPolicy.cpp
+++ b/mailnews/base/src/nsMsgContentPolicy.cpp
@@ -1,14 +1,15 @@
 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
 /* This Source Code Form is subject to the terms of the Mozilla Public
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 
 #include "nsMsgContentPolicy.h"
+#include "nsIPermissionManager.h"
 #include "nsIPrefService.h"
 #include "nsIPrefBranch.h"
 #include "nsIAbManager.h"
 #include "nsIAbDirectory.h"
 #include "nsIAbCard.h"
 #include "nsIMsgWindow.h"
 #include "nsIMimeMiscStatus.h"
 #include "nsIMsgHdr.h"
@@ -289,16 +290,36 @@ nsMsgContentPolicy::ShouldLoad(uint32_t 
   rv = originatorLocation->SchemeIs("http", &isHttp);
   nsresult rv2 = originatorLocation->SchemeIs("https", &isHttps);
   if (NS_SUCCEEDED(rv) && NS_SUCCEEDED(rv2) && (isHttp || isHttps))
   {
     *aDecision = nsIContentPolicy::ACCEPT;
     return NS_OK;
   }
 
+  uint32_t permission;
+  mPermissionManager->TestPermission(aContentLocation, "image", &permission);
+  switch (permission) {
+    case nsIPermissionManager::UNKNOWN_ACTION:
+    {
+      // No exception was found for this location.
+      break;
+    }
+    case nsIPermissionManager::ALLOW_ACTION:
+    {
+      *aDecision = nsIContentPolicy::ACCEPT;
+      return NS_OK;
+    }
+    case nsIPermissionManager::DENY_ACTION:
+    {
+      *aDecision = nsIContentPolicy::REJECT_REQUEST;
+      return NS_OK;
+    }
+  }
+
   // The default decision is still to reject.
   ShouldAcceptContentForPotentialMsg(originatorLocation, aContentLocation,
                                      aDecision);
   return NS_OK;
 }
 
 /**
  * Determines if the requesting location is a safe one, i.e. its under the
@@ -449,35 +470,37 @@ nsMsgContentPolicy::ShouldAcceptRemoteCo
     aMsgHdr->SetUint32Property("remoteContentPolicy", kBlockRemoteContent);
   
   return result;
 }
 
 class RemoteContentNotifierEvent : public nsRunnable
 {
 public:
-  RemoteContentNotifierEvent(nsIMsgWindow *aMsgWindow, nsIMsgDBHdr *aMsgHdr)
-    : mMsgWindow(aMsgWindow), mMsgHdr(aMsgHdr)
+  RemoteContentNotifierEvent(nsIMsgWindow *aMsgWindow, nsIMsgDBHdr *aMsgHdr,
+                             nsIURI *aContentURI)
+    : mMsgWindow(aMsgWindow), mMsgHdr(aMsgHdr), mContentURI(aContentURI)
   {}
 
   NS_IMETHOD Run()
   {
     if (mMsgWindow)
     {
       nsCOMPtr<nsIMsgHeaderSink> msgHdrSink;
       (void)mMsgWindow->GetMsgHeaderSink(getter_AddRefs(msgHdrSink));
       if (msgHdrSink)
-        msgHdrSink->OnMsgHasRemoteContent(mMsgHdr);
+        msgHdrSink->OnMsgHasRemoteContent(mMsgHdr, mContentURI);
     }
     return NS_OK;
   }
 
 private:
   nsCOMPtr<nsIMsgWindow> mMsgWindow;
   nsCOMPtr<nsIMsgDBHdr> mMsgHdr;
+  nsCOMPtr<nsIURI> mContentURI;
 };
 
 /** 
  * This function is used to determine if we allow content for a remote message.
  * If we reject loading remote content, then we'll inform the message window
  * that this message has remote content (and hence we are not loading it).
  *
  * See ShouldAcceptRemoteContentForMsgHdr for the actual decisions that
@@ -523,18 +546,18 @@ nsMsgContentPolicy::ShouldAcceptContentF
   // this url that this is the case, so that the UI knows to show the remote
   // content header bar, so the user can override if they wish.
   if (*aDecision == nsIContentPolicy::REJECT_REQUEST)
   {
     nsCOMPtr<nsIMsgWindow> msgWindow;
     (void)mailnewsUrl->GetMsgWindow(getter_AddRefs(msgWindow)); 
     if (msgWindow)
     {
-      nsCOMPtr<nsIRunnable> event = new RemoteContentNotifierEvent(msgWindow,
-                                                                   msgHdr);
+      nsCOMPtr<nsIRunnable> event =
+        new RemoteContentNotifierEvent(msgWindow, msgHdr, aContentLocation);
       // Post this as an event because it can cause dom mutations, and we
       // get called at a bad time to be causing dom mutations.
       if (event)
         NS_DispatchToCurrentThread(event);
     }
   }
 }
 
--- a/mailnews/extensions/bayesian-spam-filter/src/nsBayesianFilter.cpp
+++ b/mailnews/extensions/bayesian-spam-filter/src/nsBayesianFilter.cpp
@@ -1010,17 +1010,18 @@ NS_IMETHODIMP TokenStreamListener::OnEnd
 }
 
 NS_IMETHODIMP TokenStreamListener::OnEndMsgDownload(nsIMsgMailNewsUrl *url)
 {
     return NS_OK;
 }
 
 
-NS_IMETHODIMP TokenStreamListener::OnMsgHasRemoteContent(nsIMsgDBHdr * aMsgHdr)
+NS_IMETHODIMP TokenStreamListener::OnMsgHasRemoteContent(nsIMsgDBHdr *aMsgHdr,
+                                                         nsIURI *aContentURI)
 {
     return NS_OK;
 }
 
 NS_IMETHODIMP TokenStreamListener::OnEndMsgHeaders(nsIMsgMailNewsUrl *url)
 {
     return NS_OK;
 }
--- a/mailnews/mime/public/nsIMimeMiscStatus.idl
+++ b/mailnews/mime/public/nsIMimeMiscStatus.idl
@@ -4,33 +4,34 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 #include "nsISupports.idl"
 #include "nsrootidl.idl"
 
 interface nsIChannel;
 interface nsIMsgMailNewsUrl;
 interface nsIUTF8StringEnumerator;
 interface nsIMsgDBHdr;
+interface nsIURI;
 interface nsIWritablePropertyBag2;
 
 [scriptable, uuid(4644FB25-5255-11d3-82B8-444553540002)] 
 interface nsIMimeMiscStatus : nsISupports{
 
     string  GetWindowXULandJS();
     string  GetGlobalXULandJS();
     string  GetIndividualXUL(in string aName, in string aHeader, in string aEmail);
 
     long    GetMiscStatus(in string aName, in string aEmail);
     string  GetImageURL(in long aStatus);
 };
 
 // this is a simple interface which allows someone to listen to all the headers 
 // that are discovered by mime. We can use this when displaying a message to update
 // the msg header in JS. 
-[scriptable, uuid(2a709e6f-48ec-4273-9d4c-7b1115a2e756)]
+[scriptable, uuid(e0e821f0-cecf-4cb3-be5b-ee58b6868343)]
 interface nsIMsgHeaderSink : nsISupports 
 {
   // You must finish consuming the iterators before returning from processHeaders. aHeaderNames and aHeaderValues will ALWAYS have the same
   // number of elements in them
   void processHeaders(in nsIUTF8StringEnumerator aHeaderNames, in nsIUTF8StringEnumerator aHeaderValues, in boolean dontCollectAddress);
 
   void handleAttachment(in string contentType, in string url, in wstring displayName, in string uri,
                         in boolean aNotDownloaded);
@@ -49,17 +50,24 @@ interface nsIMsgHeaderSink : nsISupports
   void onEndMsgHeaders(in nsIMsgMailNewsUrl url);
 
   // onEndMsgDownload is triggered when layout says it is actually done rendering 
   // the message body in the UI. 
   void onEndMsgDownload(in nsIMsgMailNewsUrl url);
 
   attribute nsISupports securityInfo;
 
-  void onMsgHasRemoteContent(in nsIMsgDBHdr aMsgHdr);
+  /**
+   * onMsgHasRemoteContent is called each time content policy encounters remote
+   * content that it will block from loading.
+   * @param aMsgHdr header of the message the content is located in
+   * @param aContentURI location that will be blocked.
+   */
+  void onMsgHasRemoteContent(in nsIMsgDBHdr aMsgHdr, in nsIURI aContentURI);
+
   readonly attribute nsIMsgDBHdr dummyMsgHeader;
   
   // used as a hook for extension mime content handlers to store data that can later
   // be accessed by other parts of the code, e.g., UI code.
   // TODO - Should replace securityInfo
   readonly attribute nsIWritablePropertyBag2 properties;
   // When streaming a new message, properties should be reset, so that there are
   // not previous values lurking around.
--- a/mailnews/mime/test/unit/test_attachment_size.js
+++ b/mailnews/mime/test/unit/test_attachment_size.js
@@ -226,17 +226,17 @@ let gMessageHeaderSink = {
 
   // stub functions from nsIMsgHeaderSink
   onStartHeaders: function() {},
   onEndHeaders: function() {},
   processHeaders: function(aHeaderNames, aHeaderValues, dontCollectAddrs) {},
   onEndAllAttachments: function() {},
   onEndMsgDownload: function() {},
   onEndMsgHeaders: function(aUrl) {},
-  onMsgHasRemoteContent: function(aMsgHdr) {},
+  onMsgHasRemoteContent: function(aMsgHdr, aContentURI) {},
   securityInfo: null,
   mDummyMsgHeader: null,
   properties: null,
   resetProperties: function () {}
 };
 
 let msgWindow = Cc["@mozilla.org/messenger/msgwindow;1"]
                   .createInstance(Ci.nsIMsgWindow);
--- a/mailnews/mime/test/unit/test_badContentType.js
+++ b/mailnews/mime/test/unit/test_badContentType.js
@@ -85,17 +85,17 @@ let gMessageHeaderSink = {
   // stub functions from nsIMsgHeaderSink
   addAttachmentField: function(aName, aValue) {},
   onStartHeaders: function() {},
   onEndHeaders: function() {},
   processHeaders: function(aHeaderNames, aHeaderValues, dontCollectAddrs) {},
   onEndAllAttachments: function() {},
   onEndMsgDownload: function() {},
   onEndMsgHeaders: function(aUrl) {},
-  onMsgHasRemoteContent: function(aMsgHdr) {},
+  onMsgHasRemoteContent: function(aMsgHdr, aContentURI) {},
   securityInfo: null,
   mDummyMsgHeader: null,
   properties: null,
   resetProperties: function () {}
 };
 
 let msgWindow = Cc["@mozilla.org/messenger/msgwindow;1"]
                   .createInstance(Ci.nsIMsgWindow);
--- a/mailnews/mime/test/unit/test_hidden_attachments.js
+++ b/mailnews/mime/test/unit/test_hidden_attachments.js
@@ -141,17 +141,17 @@ let gMessageHeaderSink = {
 
   // stub functions from nsIMsgHeaderSink
   onStartHeaders: function() {},
   onEndHeaders: function() {},
   processHeaders: function(aHeaderNames, aHeaderValues, dontCollectAddrs) {},
   addAttachmentField: function(aName, aValue) {},
   onEndAllAttachments: function() {},
   onEndMsgDownload: function() {},
-  onMsgHasRemoteContent: function(aMsgHdr) {},
+  onMsgHasRemoteContent: function(aMsgHdr, aContentURI) {},
   securityInfo: null,
   mDummyMsgHeader: null,
   properties: null,
   resetProperties: function () {}
 };
 
 let msgWindow = Cc["@mozilla.org/messenger/msgwindow;1"]
                   .createInstance(Ci.nsIMsgWindow);
--- a/mailnews/mime/test/unit/test_message_attachment.js
+++ b/mailnews/mime/test/unit/test_message_attachment.js
@@ -104,17 +104,17 @@ let gMessageHeaderSink = {
 
   // stub functions from nsIMsgHeaderSink
   onStartHeaders: function() {},
   onEndHeaders: function() {},
   processHeaders: function(aHeaderNames, aHeaderValues, dontCollectAddrs) {},
   onEndAllAttachments: function() {},
   onEndMsgDownload: function() {},
   onEndMsgHeaders: function(aUrl) {},
-  onMsgHasRemoteContent: function(aMsgHdr) {},
+  onMsgHasRemoteContent: function(aMsgHdr, aContentURI) {},
   securityInfo: null,
   mDummyMsgHeader: null,
   properties: null,
   resetProperties: function () {}
 };
 
 let msgWindow = Cc["@mozilla.org/messenger/msgwindow;1"]
                   .createInstance(Ci.nsIMsgWindow);
--- a/mailnews/mime/test/unit/test_rfc822_body.js
+++ b/mailnews/mime/test/unit/test_rfc822_body.js
@@ -68,17 +68,17 @@ let gMessageHeaderSink = {
   // stub functions from nsIMsgHeaderSink
   addAttachmentField: function(aName, aValue) {},
   onStartHeaders: function() {},
   onEndHeaders: function() {},
   processHeaders: function(aHeaderNames, aHeaderValues, dontCollectAddrs) {},
   onEndAllAttachments: function() {},
   onEndMsgDownload: function() {},
   onEndMsgHeaders: function(aUrl) {},
-  onMsgHasRemoteContent: function(aMsgHdr) {},
+  onMsgHasRemoteContent: function(aMsgHdr, aContentURI) {},
   securityInfo: null,
   mDummyMsgHeader: null,
   properties: null,
   resetProperties: function () {
     this.attachmentCount = 0;
   },
 };