with this are the users still infected even if they navigate away from the page?

即使用户离开页面，他们是否仍然受到感染？

No

不

Do these sort of programs only work while the user has the page open in the browser?

此类程序是否仅在用户在浏览器中打开页面时工作？

Yes, the script will only run on the website that includes it, while the page is open in the browser

是的，脚本只会在包含它的网站上运行，而页面在浏览器中打开

UPGRADE:

升级：

More information about this script: https://coin-hive.com/

有关此脚本的更多信息：https: //coin-hive.com/

Coinhive offers a JavaScript miner for the Monero Blockchain (...) that you can embed in your website. Your users run the miner directly in their Browser

Coinhive 为门罗区块链 (...) 提供了一个 JavaScript 矿工，您可以将其嵌入您的网站。您的用户直接在他们的浏览器中运行矿工

And https://coin-hive.com/documentation/miner

还有https://coin-hive.com/documentation/miner

The miner runs until you explicitely stop it again or the user navigates away.

矿工一直运行，直到您再次明确停止或用户离开。

Coinhive does not appear to be "malware" since it does not appear to do anything particularly harmful to the user's computer. If that is the case, the users computers were never "infected" with anything.

Coinhive 似乎不是“恶意软件”，因为它似乎不会对用户的计算机做任何特别有害的事情。如果是这样，那么用户的计算机就永远不会“感染”任何东西。

It is extremely common these days for websites to load tons of third party scripts and cookies in the background and do hundreds of things you are not aware of every time you use the internet. Most sites load a Google Analytics tracking script when you visit them, even though you did not authorize them to do that. But that would not be considered malware. Most sites load persistent third-party cookies that track your presence from one website to another and create a massive profile of your online habits. This is why you could be shopping for shoes on one site, and then suddenly find that Facebook is serving you ads for shoes. But that also is generally not considered malware.

如今，网站在后台加载大量第三方脚本和 cookie 并在每次使用互联网时执行数百件您不知道的事情非常普遍。大多数网站会在您访问它们时加载 Google Analytics 跟踪脚本，即使您没有授权它们这样做。但这不会被视为恶意软件。大多数站点都会加载持久性第三方 cookie，这些 cookie 会跟踪您从一个网站到另一个网站的状态，并为您的在线习惯创建大量档案。这就是为什么您可能会在一个网站上购买鞋子，然后突然发现 Facebook 正在为您提供鞋子广告。但这通常也不被视为恶意软件。

In terms of "harm" or "unwanted activity", persistent tracking could be said to be more invasive than a coin mining script. The coin mining script is probably just using some of the memory and CPU power of the end user's computer, which is no different from the hundreds of other javascript libraries that are getting loaded in the background without your knowledge.

在“伤害”或“不需要的活动”方面，可以说持续跟踪比硬币挖掘脚本更具侵入性。硬币挖掘脚本可能只是使用了最终用户计算机的部分内存和 CPU 能力，这与在您不知情的情况下在后台加载的数百个其他 javascript 库没有什么不同。

I am not familiar with the coin-hive service, but actually script which you have provided contains such lines:

我不熟悉 coin-hive 服务，但实际上您提供的脚本包含以下几行：

    var JobThread = function() {
            this.worker = new Worker(CoinHive.CRYPTONIGHT_WORKER_BLOB);
            this.worker.onmessage = this.onReady.bind(this);
            ...
    };

As you see it is using Workers. I was not investigatin the whole script, but anyway using web workers means that some operations can be running even after page was closed. More information in this post.

如您所见，它正在使用 Workers。我没有研究整个脚本，但无论如何使用网络工作者意味着即使在页面关闭后也可以运行某些操作。这篇文章中有更多信息。

So the very first answer to your question is YES, users can be possibly infectedfor some time after page was closed (in theory, if script is written in such way).

所以你的问题的第一个答案是肯定的，用户可能会在页面关闭后的一段时间内被感染（理论上，如果脚本是这样编写的）。

But actually script seems to be terminated very soon by the system itself. Also coin-hive platform is not positioned as a malware and should be safe for users system. I don't think that you should worry about that at all.

但实际上脚本似乎很快就被系统本身终止了。此外，coin-hive 平台不定位为恶意软件，对用户系统来说应该是安全的。我不认为你应该担心这个。