Return Styles: Pseud0ch, Terminal, Valhalla, NES, Geocities, Blue Moon. Entire thread

Web security

Name: Anonymous 2019-07-31 6:16

Scenario:
User opens two tabs of content needing authentication
Both are redirected to the login screen
User logs on in one of them and is granted access
User reloads the second page
Should it redirect to the requested location, or should it prompt for login again?

Name: Anonymous 2019-08-02 2:18

The right answer is JavaScript. When the user successfully logs into the first tab, other tabs can be notified immediately using the postMessage API [1].

Upon receiving the notification, the second tab then loads the requested location, without the user having to do anything.

// first tab
window.postMessage('login', 'https://mywebsite.com');

// second tab
window.addEventListener('message', (event) => {
if (event.origin === 'https://mywebsite.com' && event.data === 'login') {
// Load the location the user originally wanted. This time, we should be authorized.
const return_to_path = new URL(window.location.href).searchParams.get('return_to')
window.location.pathname = return_to_path;
}
});



Works Cited.

[1] https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage
[2] http://i.imgur.com/xBjhq9g.jpg
Newer Posts
Don't change these.
Name: Email:
Entire Thread Thread List
All trademarks and copyrights on this site are owned by their respective parties. All comments and posts are the responsibility of their own posters.
- Tinychan + 2ch Mode + RSS -