Trivial Description
If a user's session expires, they can no longer perform any operations within the UI, however the current page will still be visible unless:
- The user attempts to perform some action (including navigate elsewhere).
- The user is connected to at least one connection (in which case we will immediately know if the user's session is invalidated).
This is fairly standard behavior, but could be problematic if an administrator opens a page containing sensitive information and then leaves that page open and inactive. Though their session would eventually expire and no further action would be possible, the contents of the browser window would remain.
It would be better if the UI periodically checked whether the user's session has expired and automatically reset itself if the session is no longer valid.