Security measures for project import should not apply to project export
There are a number of sanity checks when importing a project. The documents' HTML have to be safe and everything has to conform to the limits (e.g. document name length, project name length, ...)
This matters when importing a project into our database, but does not matter when exporting a project from our database. At best it does nothing because existing projects should be valid, at worst it prevents exporting projects for no security benefit.
copy_project()
should have two modes of operation, with and without validation.