dependencies: upgrade express 4.16.4 -> 4.17.1

This upgrade should be backward compatible.
Changelogs:
- https://expressjs.com/en/changelog/4x.html
- https://github.com/expressjs/express/blob/master/History.md#4171--2019-05-25

4.17.1 - Release date: 2019-05-25
The 4.17.1 patch release includes one bug fix:
    The change to the res.status() API has been reverted due to causing
    regressions in existing Express 4 applications.

4.17.0 - Release date: 2019-05-16
The 4.17.0 minor release includes bug fixes and some new features, including:

    The express.raw() and express.text() middleware have been added to provide
    request body parsing for more raw request payloads. This uses the
    expressjs/body-parser module module underneath, so apps that are currently
    requiring the module separately can switch to the built-in parsers.

    The res.cookie() API now supports the "none" value for the sameSite option.

    When the "trust proxy" setting is enabled, the req.hostname now supports
    multiple X-Forwarded-For headers in a request.

    Starting with this version, Express supports Node.js 10.x and 12.x.

    The res.sendFile() API now provides and more immediate and easier to
    understand error when a non-string is passed as the path argument.

    The res.status() API now provides and more immediate and easier to
    understand error when null or undefined is passed as the argument.

src/package.json

@@ -39,7 +39,7 @@
     "ejs": "2.6.1",
     "etherpad-require-kernel": "1.0.9",
     "etherpad-yajsml": "0.0.2",
-    "express": "4.16.4",
+    "express": "4.17.1",
     "express-session": "1.16.1",
     "find-root": "1.1.0",
     "formidable": "1.2.1",