- if (this.state.user.id > 0)
- {
- fetch(params.serverUrl + "/whoami", {
- method: "GET",
- credentials: params.cors ? "include" : "omit",
- }).then((res) => {
- this.state.user.email = res.email;
- this.state.user.notify = res.notify;
- });
- }
- this.state.conn = new WebSocket(params.socketUrl + "/?sid=" + mysid);
+ // Slow verification through the server:
+ // NOTE: still superficial identity usurpation possible, but difficult.
+ ajax("/whoami", "GET", res => {
+ this.state.user.id = res.id;
+ this.state.user.name = res.name;
+ this.state.user.email = res.email;
+ this.state.user.notify = res.notify;
+ });
+ this.state.conn = new WebSocket(params.socketUrl + "/?sid=" + mysid +
+ "&page=" + encodeURIComponent(page));