I have a NodeJs Express app and when a particular user goes to a page/route would like to identify and display if another user is currently viewing the page as well. So for example it would say "Jerry currently viewing this page" and someone else goes there.
Is there any easy/lightweight way to do this?
First off, with a regular web page, the server only knows who and when a page was requested. It doesn't, all by itself, know whether that user is still viewing that page or not. The user could have closed the browser, typed something else in the URL bar, the computer could have gone to sleep, etc...
Second off, even if the page is still being displayed in the browser, you can't know if someone is actually there at the computer or not. The best you could do is to try to keep track of activity in that web page (last mouse click, recent mouse movements over the web page, etc...).
Then, to even have any idea of the web page is even still open in the browser, you need some way of tracking that notion. There are two possibilities I can think of.
You can have some Javascript in the web page that regularly (say once every few minutes) sends a small little ajax call to your server that basically just says "I'm still here". This wouldn't know immediately when they left the page, but if the server finds that the usual every few minutes ajax call didn't come, then the server can change the status of that user on that page to not there any more.
If that web page makes a webSocket or socket.io connection to the server and keeps that connection alive, then whenever the browser closes or the user closed that tab or navigates to another page, that webSocket or socket.io connection will get automatically closed and the server will be notified that the socket got closed. Using this technique, the server can know pretty much right away when the user leaves the page.
Related
Blazor-Server apps use the SignalR circuit.
I can somewhat understand how there is JS that change events happening from the DOM, so instead of sending a new HTTP GET request the framework manipulates the DOM and displays the new blazor page.
But how is it even possible that the circuit is still active and working on page back button? This is a BROWSER FEATURE, not some html element, which can be changed, right? Would it not be a security issue if the browser back button behavior can be manipulated in different ways?
Not firing a new HTTP GET request on page back seems pretty hacky. Wouldn't that allow for malicious websites to do the same? Can websites access the last page visited with that??
How does the browser "know" that the last page should also use the same websocket circuit?
Is it then possible to tell the browser that it should establish a websocket on a past page, that didn't even have any before (would seem like a security risk)?
How does the back button differ from hitting "enter" in the address bar (which will always cut and establish a new circuit)?
Is the back button exactly the same as calling JS history.back() ?
Well, This is the thing, I was navigating the internet any page, and suddenly, A Pop Up windows appeared on screen from my ISP (To remind me I didn't pay today) ... so Do you know how to send that kind of messages without opening the webpage or installing anything on a pc?
I was navigating the internet any page...
Since your internet access is through the ISP, they have the ability to manipulate the traffic coming through their hardware. This includes replacing the content of a site, appending content, or inserting content.
Obviously they can't alter the actual site, but if you request "foo.com" and you haven't paid your bill, they can return whatever they want in response to your request.
They could return <script>window.open()</script> + the HTML content of "foo.com". Invalid, but browsers will render it. They could return a warning page. They could return an HTTP status code. You get the idea.
If you didn't have your web browser open, then something is installed in the background (whether or not you know it). Most hardware comes with dozens of background services which try to be "helpful".
Whats the standard way to detect the browser window close event in any standard browser? By standard I mean something that sites like Google or Facebook implement when the "keep me signed in" checkbox is unchecked. I have an interactive website in place where theres an Instant Messaging module and I need to inform the other user that the partner has logged out.
Thanks in advance.
The keep me signed in links are managed via cookies and cookie timeout lengths.
One approach to doing something like this is to have the browser make an async ajax call every (1 minute) to your server so you know they are still logged in. If you dont receive one of these calls within say 90 seconds you can say they are logged out.
This approach would also catch cases where for example their connection went or their computer crashed.
On websites like eBay, if you would time-out of your session, and say you were looking at a shoe, when you come back(after your sleep) to the page, you'd see the shoe, but you're logged out.
However, once you log back in, you get directed to that shoe immediately.
I am thinking that I say : "After timeout from website, upon re-login go back directly to page where timeout happened."
But how is this functionality described(as in, what technologies will we use)? Also, is it something that needs alot of resources?
Quite often it's done by having a "Return To" url passed along to the login page.
So.... (Logged in)
Visit Shoe Page
Session Times out
Either via js on timeout or next page refresh, user will see logged-out shoe page
Login link on that page includes the url of the shoe page eg Login.php?ReturnTo=ShoePage.php
Note that this applies to websites. You've also added a web service tag which is completely different - web services have no concept of a "current page"
If you decide to store the last page for the user in the db, what happens if the last page visited is no longer valid? You'd also be adding 1 Db operation per page load (to update the last visited page). No real performance concern but worth knowing. It's slightly non-standard behavior so you'd need to make sure the user knows why they've been redirected
say I open a browser window, click weather link , but the network is slow, before the server send me back anything, I click another sport link.
which page will I get eventually?
since the second httprequest may arrive the server earlier than the first one. and server will may send back the response for the second httprequest first, so my browser will display weather page instead of sport page?
since there are two response, how does browser handle them? is that possible browser dispay weather page and later dispaly sport page automatically?
See Question regarding browser behavior when a response is sent from a server for a similar question which was answered.