JavaScript onUnload 的替代方案

发布于 2024-08-03 05:56:23 字数 207 浏览 9 评论 0原文

Javascript onUnload 有替代方案吗?我使用 JSP Jakarta Struts 框架和 Servlet

我必须知道窗口何时关闭,因为不是每个人都会单击“注销”按钮。
您在应用程序中如何处理它?

there is an alternative to the Javascript onUnload? I use JSP Jakarta Struts framework with a Servlets.

I must know, when is window closing, because not everyone clicks on Logout button.
How do you handle it in your applications?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

蓝眼泪 2024-08-10 05:56:23

一般来说,不可能最终确定访问者是否仍在“使用”(甚至查看)您的页面。一旦浏览器下载了页面,它就不再与服务器联系,因此页面可能会保持打开状态几秒钟或几年,而服务器将不知道。

unload 事件当然是一个有用的线索,因为它通常在页面卸载时触发。然而,这根本不可靠。在很多情况下它不会触发,还有很多情况下即使它确实触发,您的服务器仍然不知道它。

例如:浏览器(甚至操作系统)可能崩溃,或者断电。使用 Wi-Fi 的访问者可能会在使用您的网站时断开连接,或者可能将 iPhone 带到隧道中。

对此的标准解决方法(我们都承认这很糟糕)是让访问者的会话超时。即使在高风险的银行网站上,您也会发现,如果您离开计算机四分钟然后回来,您仍然可以访问,但如果您离开计算机五分钟,您就会被锁定。

这种设置肯定会发现很多误报:访问者仍在使用您的页面而不与之交互,因此因超时而带来不便。它还允许漏报:真正的访问者已经离开,恶意用户在超时时间内接管的情况。

我们最近看到的该方案的唯一主要补充是利用 JavaScript 在超时后明显地使用户注销。同样,我们在银行网站上看到了这一点:将页面打开太长时间,当您回来时,您看到的只是登录屏幕。 (当然,这也取决于 JavaScript,因此仍然容易出错。)

不幸的是,由于 HTTP 是无状态协议,我们永远无法确定浏览器中发生了什么(特别是在 JavaScript 关闭的情况下),因此我们确实可以使用廉价的解决方法。

Generally speaking, it's impossible to determine conclusively whether a visitor is still "using" (or even looking at) your page. Once the browser has downloaded the page, it's no longer in contact with the server at all, so the page could stay open for a few seconds or a few years and the server would have no idea.

The unload event is certainly a helpful clue, since it usually fires when the page is unloaded. It's not at all reliable, however. There are plenty of situations where it won't fire, and plenty more where even though it does fire your server will remain unaware of it.

For example: the browser (or even the operating system) could crash, or the power could go out. A visitor using Wi-Fi could get disconnected, or could carry her iPhone into a tunnel while using your site.

The standard workaround for this — which we all readily admit is terrible — is to let the visitor's session timeout. Even on high-stakes banking websites, you'll find that if you walk away from your computer for four minutes and come back you still have access, but if you walk away for five you're locked out.

This setup certainly finds a lot of false positives: cases where a visitor was still using your page without interacting with it, and therefore is inconvenienced by the timeout. It also allows false negatives: cases where the real visitor has walked away, and a malicious user takes over within the timeout period.

The only major addition to this scheme we've seen lately is exploitation of JavaScript to visibly log the user out after the timeout period. Again, we see this on banking websites: leave the page open for too long and when you come back all you'll see is a login screen. (Of course, this too depends on JavaScript and so is still fallible.)

Unfortunately, since HTTP is a stateless protocol, we'll never be able to know for sure what's going on in the browser (especially if JavaScript is off), so cheap workarounds are really all we can use.

眼眸里的那抹悲凉 2024-08-10 05:56:23

您应该知道 Opera 不会像您所怀疑的那样执行 onUnload。并且您不应该依赖 javascript 来查看用户是否关闭窗口。

You should be aware that Opera does not execute onUnload as you would suspect. And you should not rely on javascript to see if users close windows.

别在捏我脸啦 2024-08-10 05:56:23

我依靠 servlet 会话超时来自动处理注销。您可以在会话超时时注册一个处理程序,以覆盖您需要执行的任何凭据清理操作。这里给出了一个很好的例子:

http://www.xyzws .com/Servletfaq/when-do-i-use-httpsessionlistener/7

客户端无法保证用户始终确认他们已完成对您网站的使用。

I rely on the servlet session timeout to handle the logout automatically. You can register a handler for when the session times out to cover any credential cleanup you need to do. A good example is given here:

http://www.xyzws.com/Servletfaq/when-do-i-use-httpsessionlistener/7

There is no guarantee from the client side that the user will always confirm that they have finished using your site.

痞味浪人 2024-08-10 05:56:23

我使用onbeforeunload查看文档

经过测试,它似乎可以工作FirefoxChromeIE11Edge

我没有测试任何其他浏览器。(兼容性列表在这里

I use the onbeforeunload. See the documentation

After testing it seems to work on Firefox, Chrome, IE11 and Edge.

I didn't test any other browser.(compatibility list is here)

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文