I seriously doubt any third-party server will do the work of obtaining
an SSL cert, but...
Well, I guess it wouldn't be too hard to write a script to automate
getting a Let's Encrypt cert... We'll see. This will help with testing,
regardless.
Data (teams and prefs) are now always stored in localStorage in the
`https://play.pokemonshowdown.com` origin. Data storage at a low
level has been mostly rewritten for this, and moved to storage.js.
Tools.prefs has been renamed Storage.prefs, although the API
Tools.prefs(prefName) is still available, and recommended for
battle.js (because storage.js isn't available in replays). All
other pref functionality, such as setting prefs and saving prefs,
should only be used in Storage.prefs.
If the browser blocks third-party cookies in a detectable way,
data is instead stored in the local origin.
As a final safety measure, prefs/teams are mirrored in the local origin
in case third-party cookies are blocked in an undetectable way.
This refactor also replaces the 'init:loadprefs' and 'init:loadteams'
events with a new load tracking system that's basically a simplified
implementation of Promises, documented in the comments for
Tools.makeLoadTracker().
See Zarel/Pokemon-Showdown@d5c622b493
New system is backwards-compatible with old one. This also slightly
refactors some other stuff, for an overall simpler system.
When attempting to go on an unregistered server when there is already
another registered server sharing the same IP/Port pair (such as in
virtual hosting), you get redirected to the registered server, which
is undesirable
So in theory, a user hosting PS on their own computer should be able
to visit their server with their IP. For some reason, certain routers
don't allow this, and force them to use localhost or 127.0.0.1.
This commit makes it so we do this for them, so they can still use
their server's official address [serverid].psim.us to connect to
their server.
This drops support for the pre-challenge-response authentication scheme
(i.e. the scheme in use before Zarel/Pokemon-Showdown@7dbd8cfec5 on
February 8, 2013), and, by doing so, simplifies quite a bit of the
authentication code.
In particular, it is no longer necessary to make any database queries in
index.php, which reduces our database use significantly and also moves us
closer to the goal of the index page being static HTML.
