The querystring consist of one variable dataFromRemoteControl which in turn contains a json encoded object with the following variables:
A 128 bit key in the form of 32 hex letters (0-f). It is used to recognize that the request comes from a valid "remote controller".
A sequence number that counts upwards. To prevent replay attacks. (not really needed since TLS prevents replay attacks (so it will be removed))
For checking the status (see more below for how response is handled).
Make the user visible or hidden on the receiving site.
Number of seconds till the user should be automatically hidden. (should be renamed hideTimerResetValue)
If the request comes as a result of the user hitting "On" (then boSetTHide=true) or if the request comes from the background process callback (then boSetTHide=false)
If boSetTHide==true then the controlled site should push the hide time point forward with the hideTimer value.
What should the controlled site return
A string whose first 200 characters are displayed in the BLB-app.
If the string starts with "Visible" the string is colored green.
If the string starts with "Hidden" the string is colored red.
Otherwise the string is colored black.
One could say that, the native app is a workaround for as long as geolocation (in web apps) doesn't work in service workers.