Some banking and financial sites auto logs out when it thinks you are idle. Is there a way for me to inject a script into the page that can fake that I am not idle?
I tried this: setInterval(() => document.body.click(), 1000 * 60 * 5) // Click every 5 minutes
but it did not work and I still got logged out:
Again, this is not intended for any malicious purpose - I monitor my stock positions on Fidelity by keeping my stock positions screen open in one monitor while I do my work on the other monitor but Fidelity keeps showing an idle warning and logs me out every 30 minutes.
Note, in this particular case, the site is listening to click, touchstart, keydown and scroll events as well document.visibilityState:
Some notes:
I cannot simply refresh the page every x minutes because the page has some UI state (e.g. sort order of my positions in a table) that would get lost
I tried a dumb
pyautoguiscript that moves my mouse and clicks on the page and that works! So why cannot I do this in chrome?
As a full-stack programmer, you should know that a web application which does not implement timeouts serverside is going to be very insecure. I.e. to prevent timeouts you need to generate requests which are not cacheable and which hit the application logic (not static content). There is no generic solution to this - you need to study the application to find a URL can hit which will update the session activity without generating any financial transaction.