On my university’s website, there is a post login security check from Duo Security that just loads an iFrame once you enter your password, does whatever the hell it does, and apparently verifies that your login is legit (somehow).

But it only works when I’m on the current tab. If I log in and then switch to a different tab, it does nothing. If you switch back after a little bit, it will continue doing its thing as soon as you do, but wait too long and the session expires and you have to enter your credentials again.

Is it using some JS API to know whether I’m on its tab or not, or is it doing something even weirder? Is it possible to make Firefox report to every open page that I’m always on its tab, even when I’m not?

    • AgreeableLandscape@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      Yeah, the security plugin doesn’t run without JavaScript.

      Neither does the rest of my university’s student dashboard. Fantastic.

    • blank_sl8@lemmy.ml
      link
      fedilink
      arrow-up
      0
      ·
      3 years ago

      It’s been possible for much longer, using window.onblur

      This new API may be somewhat smarter (for example, onblur is triggered even if you change to a new window with the original webpage open behind it)