Prevent user from closing Firefox

Question

I absolutely need a user to log out of a website which she/he uses to access our database. If one doesn't log out, and simply closes the browser, the system locks the username for an hour. I did not implement it, it's just the way it works.

I thought to write a simple C# program that would somehow detect whether the user logged out, and if not, prevent them from closing the browser.

1) Is there Firefox API, or any other way to read the website content in firefox.exe process?

2) When a user hits 'X' to close the browser, is it possible to abort the termination of firefox.exe process? (probably this is the deal-breaker question).

I would appreciate any hints. Thanks!

Answer 1

I agree with oleksii. But you can make it less easy for users to close Firefox.

I'm currently writing an add-on (via the SDK) that listens to the "quit-application-requested" Observer Notification and sets aSubject.data to true preventing Firefox from quittng the application.

observe: function(aSubject, aTopic, aData) {
    if (aTopic == "quit-application-requested") {
      aSubject.QueryInterface(Ci.nsISupportsPRBool);
      aSubject.data = (this.canQuit() == false);
    }
  }

But what I actually want is a certain window not being closed, as to not close the web application (a FileMaker database).

Therefore I've also tried disabling all commands, all keys and all menus (browser XUL), like so:

var allCommands = win.document.getElementsByTagName("command");
for (let i = 0; i < allCommands.length; i++) {
  allCommands[i].setAttribute("disabled", "true");
}

var allKeys = win.document.getElementsByTagName("key");
for (let i = 0; i < allKeys.length; i++) {
  allKeys[i].setAttribute("disabled", "true");
}

var allMenus = win.document.getElementsByTagName("menu");
for (let i = 0; i < allMenus.length; i++) {
  allMenus[i].setAttribute("disabled", "true");
}

But users can still quit the application and thus close the window with the web application unless I prevent opening new Firefox windows.

So "it" works but I would like for them to still browse and just not close a specific tab or window in which the tab resides.

Without preventing opening of new windows it doesn't work because apparently when a user opens a new window then when users press Alt+F4 it would not be an application quit but a window close. Although I thought I had disabled all commands/keys/menus, still there exists some kind of close possibility.

Does anyone have any ideas on how to accomplish that without preventing the opening of new windows?

Answer 2

Every user should have a session, if you are using authentication. Sessions can be configured to expire. All you need to do is just to handle an appropriate session expire event.

Do not look for any hack to handle a browser exit event - it is a dangerous path:

• Everybody would hate it, and there is no chance you can make it reliable, i.e. working in newer versions of browsers, supporting many browsers on different OS etc
• This may work in Firefox Mozilla (sample), but may not work in IE or Chrome
• Application can be killed by OS, so browser events will not get a chance to fire and your handling code will not work

Answer 3

What you can do is use javascript to detect the browser closing or leaving your site and in those instances fire a method or hit a webservice that logs them out. Very quick, very simple and will work across browsers.

Answer 4

You can't stop the user from closing firefox, because there a lot of ways it can be closed that can't be controlled by your code (e.g. killing the process from taskmon). However, you can detect the closure event in your code (window.onClose() event) and do the log out process.

However, in case of firefox (or any other browser for that matter), gets killed rather than being closed, window.onClose() will not work. So its better to handle the session in the server rather than depending on the client behavior.

Answer 5

You cannot prevent a user from closing a program with legitimate methods. This is for obvious security purposes.