On my university’s website, there is a post login security check from Duo Security that just loads an iFrame once you enter your password, does whatever the hell it does, and apparently verifies that your login is legit (somehow).

But it only works when I’m on the current tab. If I log in and then switch to a different tab, it does nothing. If you switch back after a little bit, it will continue doing its thing as soon as you do, but wait too long and the session expires and you have to enter your credentials again.

Is it using some JS API to know whether I’m on its tab or not, or is it doing something even weirder? Is it possible to make Firefox report to every open page that I’m always on its tab, even when I’m not?

  • blank_sl8
    link
    fedilink
    arrow-up
    3
    ·
    3 years ago

    It’s been possible for much longer, using window.onblur

    This new API may be somewhat smarter (for example, onblur is triggered even if you change to a new window with the original webpage open behind it)