HTTP to HTTPS and remove target="_blank" a-attribute

[faf0-addepar]

The target="_blank" a-attributes are removed to prevent phishing: https://dev.to/ben/the-targetblank-vulnerability-by-example

Correct the bower registry to fix build.

[metathinker]

You also need to correct the failing test case: not ok 198 PhantomJS 2.1 - Unit | Mixin | legends: drwaing legend works

[faf0-addepar]

@metathinker thanks for taking a look. I reverted the XML namespace changes.

The reason to remove the target="_blank" attributes is to prevent phishing: https://dev.to/ben/the-targetblank-vulnerability-by-example