One method I have used to bypass restrictions on poorly written websites is manually deleting webpage HTML elements. To maintain security and keep intruders at bay without disrupting user experience, I am exploring options to implement automatic logout after a period of inactivity. Instead of redirecting users to a login screen, I am considering using a modal dialog to prompt for a password retention before locking the screen.
Objective: My goal is to enhance website security by implementing an automatic logout feature triggered by browser event upon detecting inactivity. A similar approach observed on a website involved crashing the page when attempting to inspect the browser backend, followed by reloading the page upon closing the browser backend. Despite my search for relevant code snippets, I have not found a complete solution yet.
Here is a visual representation of my concept:
https://i.sstatic.net/1MmGe.png
I recently discovered a snippet that checks for the status of developer tools and executes specific actions based on their state. While this code partially aligns with my intention, I am keen on finding an event-driven solution rather than relying on continuous monitoring for changes.
var element = new Image;
var devtoolsOpen = false;
element.__defineGetter__("id", function() {
devtoolsOpen = true; // This only executes when devtools is open.
});
setInterval(function() {
devtoolsOpen = false;
console.log(element);
document.getElementById('output').innerHTML += (devtoolsOpen ? "dev tools is open\n" : "dev tools is closed\n");
}, 1000);