Upgrade to the latest Django release, 1.10.4.

Most of the changes to support this were merged some time ago; what
remains are these changes:

* Update requirements.txt
* Django 1.10: Upgrade success-http-headers.txt file.

- We no longer get the absolute urls, see
  https://docs.djangoproject.com/en/1.10/releases/1.9/#http-redirects-no-longer-forced-to-absolute-uris
- The headers are capitalized, previously, they were in upper case.

* Bump PROVISON_VERSION to 3.0 since this is a disruptive change.

Fixes #3.

requirements/common.txt

@@ -1,6 +1,6 @@
 -r ipython.txt
 # Django itself; we use a slightly patched version
-git+https://github.com/zulip/truncated-django-1.8.15.git@cbf4fa3aef1b17f37d75a70e57f9b69a0f99ed5c#egg=Django==1.8.15
+Django==1.10.4
 
 # Needed for rendering backend templates
 Jinja2==2.8

tools/travis/success-http-headers.txt

@@ -1,23 +1,23 @@
   Self-signed certificate encountered.
 WARNING: no certificate subject alternative name matches
 	requested host name ‘localhost’.
-  HTTP/1.1 302 FOUND
+  HTTP/1.1 302 Found
   Server: nginx/1.4.6 (Ubuntu)
   Content-Type: text/html; charset=utf-8
   Transfer-Encoding: chunked
   Connection: keep-alive
-  Location: https://localhost/login
+  Location: /login
   Strict-Transport-Security: max-age=15768000
-Location: https://localhost/login [following]
+Location: /login [following]
 Reusing existing connection to localhost:443.
-  HTTP/1.1 301 MOVED PERMANENTLY
+  HTTP/1.1 301 Moved Permanently
   Server: nginx/1.4.6 (Ubuntu)
   Content-Type: text/html; charset=utf-8
   Transfer-Encoding: chunked
   Connection: keep-alive
-  Location: https://localhost/login/
+  Location: /login/
   Strict-Transport-Security: max-age=15768000
-Location: https://localhost/login/ [following]
+Location: /login/ [following]
 Reusing existing connection to localhost:443.
   HTTP/1.1 200 OK
   Server: nginx/1.4.6 (Ubuntu)

version.py

@@ -1,2 +1,2 @@
 ZULIP_VERSION = "1.4.1+git"
-PROVISION_VERSION = '2.5'
+PROVISION_VERSION = '3.0'