itch.io Community » itch.io » Developer Updates

Sitelock Update

A topic by leafo created Nov 23, 2019 Views: 18,502 Replies: 94

Viewing posts 1 to 45

leafoAdmin4 years ago (1 edit) ( 7)

Hello,

We’ve recently pushed out an update to all HTML5 games that adds a JavaScript based sitelock. If it detects a game from itch.io’s CDN is being loaded from a non-itch.io URL it will show a warning and provide a link to the itch.io page.

There are over 100k HTML5 games extracted to HTML on our servers. Although we tested as best we could, there’s still the potential that things break.

If you’re having an issue with the sitelock then please leave a reply here describing what’s happening, and include information about your setup/browser. If you run any browser extensions please try disabling them and trying again before reporting the issue (include the extension that caused a problem).

I'm a game owner trying to embed my game...

You can use the upload embed tool on your game’s dashboard. Please do not use the direct link for our CDN. That is not allowed, and this sitelock will now block that type of access. Thanks

Ömer Akyol4 years ago( 3)

Wow, great update. Nearly all of my games at itch.io hijacked by browser game hosting sites. I wanted to add some site lock mechanism at first but probably it won't work correctly, plus it will block the legitimate players as well. Also its not big deal for my side, as long as my game is played I'm happy. My only concern was, my connection with the player is cut by some silly ad bloated thief site :) . Maybe player wants to make a bug report or write some comment, but can't reach me.

I noticed I've been getting extra traffic on my itch.io game pages in these days. Mostly from external game hosting sites. So auto site lock update works perfectly, nice work.

leafoAdmin4 years ago (1 edit) ( 3)

That’s great news that you’re seeing new traffic! On the referrer analytics, look for a URL that looks like itch.io/embed-hotlink/ and that will tell you how many people are coming directly from the automated sitelock.

Donny644 years ago( 1)

So... I try to play a Itch.io game on CrazyGames.com, my FAVRIOTE gaming website, which went not so good. It said I had to stop and go here to play, which i thought was DUMB. I always go on CrazyGames.com a lot. And I mean a ~~LOT~~. So much that I never want to change webs. Why not let 2 sites (CrazyGames.com Itch.io) play their games instead of 1? It will give CrazyGames.com more fun stuff! It will also make me happy!

Donny644 years ago

really.

D. Deschamps Magnetiques4 years ago

Hey !

One of my game for a gamejam doesn't work anymore, and a link leads here so...

Can you help me ? I already look a little bit stupid on streams showing your hotlink issue... 🥺

At least it was not a stream for the gamejam results... 😀

https://d-deschamps-magnetiques.itch.io/msh2019-simulator-2020

D. Deschamps Magnetiques4 years ago

Hey! I got it!

It must be because the game loads itself in an iframe at the end!

Actually my game jam entry is an adaptation of the game jam entries themselves and you can play my game in my game. And yes, I must confess that it's silly.

But when you check that the game is not hotlinked, do you look at the domain ? Or a game loaded from an iframe is considered an hotlinked one ?

Thanks !

leafoAdmin4 years ago

If you’re embedding your own game, then I recommend using the official game embed support detailed here: https://itch.io/updates/introducing-game-embeds

For embedding other games, I’m not sure I have a solution for that right now. Are you doing that?

D. Deschamps Magnetiques4 years ago

No, I only embed mine. The other ones were only videos.

Thanks a lot. I will follow your link.

EddieOne4 years ago (1 edit)

We removed all itch.io games from Y8.com and several other websites. Although we do the same thing, I have been arguing against it because it means less players for developers and less links for sites that distribute content. It's a lose, lose for everyone in my opinion. For game developers that want the biggest player reach, I suggest gamedistribution.com instead of itch.io.

leafoAdmin4 years ago (6 edits) ( 1)

Edit I misread the original post and replied incorrectly assuming they were associated with Y8 games. I clarified below. Sorry about that to anyone reading.

View original post...

I believe you removed them all because:

you no longer make ad revenue off our stealing our bandwidth
showing a page that tells the user that you are stealing from us is embarrassing

We have an authorized way for developers to create iframe embeds for their games, but what you did was steal without the permission of developers.

I doubt that you feel any sort of remorse about this, as I’m sure there are many other domains on your platform you’re hotlinking without permission that you have no intention of removing. You steal until you’re caught, rinse & repeat, all while showing as many ads as possible to extract as much money as possible.

EddieOne4 years ago (2 edits)

I'm just a developer. I've been making games for nearly 20 years, so I don't get emotional about business. It was commonplace to freely distribute Flash games. As a developer, you should intentionally make games that will be picked up by other sites, more players and more money. If someone wants to "steal" my games and iframe them on their site. Please do so, I would be very thankful. The increase in players offsets any tiny bandwidth cost.

Maybe itch can not monetize games that are iframed? I don't work there, so I can't offer much advice. Sounds like a technical problem with the business model. Blocking distribution is causing losses for both itch and the developers that use it.

We do allow links and advertisements inside games. Blocking distribution only gives short term value and eventually results in publishers removing those games. If there is no value for the publishers to publish games, there is little reason to maintain those links to itch and the developers that use this site. Like I said before, we made the same mistake, so I'm speaking from experience, not just self interest.

EddieOne4 years ago

I added my game, so now technically itch is hotlinking Y8. 🤣 https://eddieone.itch.io/banjo-panda Thank you

leafoAdmin4 years ago (2 edits) ( 2)

Don’t purposefully break our terms or the terms of other platforms, even if you’re making a joke, or we’ll have to suspend your page. Thanks

leafoAdmin4 years ago (7 edits) ( 2)

I’m sorry, I completely misread your post. I thought you were someone associated with Y8 since your account was just created and didn’t have any games on it. If they are your games we give you a tool to add iframe embeds on other sites, check it out here: https://itch.io/updates/introducing-game-embeds

Really sorry about the confusion, I’ll edit my original post to clarify.

As a developer, you should intentionally make games that will be picked up by other sites, more players and more money

It depends on what kind of developer you are and what your goals are. This is not true for everyone. In fact, it’s not true for the vast majority of people who upload html5 games to itch.io. Additionally, we took issue with the hotlinking specifically. These other portals could take the games and host them themselves, but they took the laziest approach possible.

Blocking distribution only gives short term value and eventually results in publishers removing those games

I’m not sure what you mean by short term value here. But in any case, we don’t work with publishers who mass publish HTML5 games for portals. We are a self publishing platform for developers to use directly. We want developers to have control over where their property is published.

If a developer wants to build a game packed full of ads, and get it loaded into as many portals as possible that’s fine for them. But, that has to be a choice the developer makes. I hope you understand out stance. Thanks

Deleted post4 years ago

Deleted 4 years ago

Deleted post4 years ago

Deleted 3 years ago

Deleted post4 years ago

Deleted 3 years ago

hardcaz3 years ago

how did you do the iframe load method

hardcaz3 years ago

its been a while lets talk on my mail or discord(if you have a discord)

mail:[email protected]

discord:cypherpunks#9424

or message me on skype

-cypherpunks

DaedalusMachina4 years ago( 2)

You are not a 'developer' you are a plagiarist and a coward. Don't try to hide behind the 'but i'm a developer too look at my EXPERIENCE' garbage.

Attribution is REQUIRED for anything linked to or used. Your website(s) do the absolute bare minimum they can get away with because you know most indie devs will either not know or not care to file DMCA takedowns on every web portal that plagiarizes a hosted version of their game.

Web portals are trash and always have been malware-ridden stains on the internet. Gamers use Steam, GoG, itch, and other distribution stores to play games instead. If people want plagiarized spyware-encumbered "free" games, they realize that those have almost all moved to mobile (the new dumping ground unfortunately).

Speak for yourself and never presume to speak for other devs. Plagiarism is one of the biggest problems still infesting the internet.

jeremyredhead4 years ago (3 edits) ( 6)

The embeds also fail if you're using an addon like Smart Referer to (try to) your preserve privacy.

I'll try to file an issue and get itch.io & it's CDN properly added to the default whitelist.
@leafo, could you link me to an example of a legally/properly externally embeded itch.io game?
Also, can v6p9d9t4.ssl.hwcdn.net be safely harcoded? (or will a more generic exception be needed like *.ssl.hwcdn.net ?)

Meanwhile, to any other users like me, adding this exception did the trick:

Source	Destination
*.itch.io	*

leafoAdmin4 years ago (1 edit) ( 2)

v6p9d9t4.ssl.hwcdn.net is the domain for our HTML5 CDN, ssl.hwcdn.net is too broad so it should be avoided. We plan to migrate HTML5 games to to *.itch.zone at some point, but we’ve held off for quite some time now because of potential issues, but you can also add it for future proofing.

Here’s a page with an itch.io embed on a different domain: https://leafo.net/itchio_embed.html

Beuc4 years ago( 2)

How about disabling sitelock when there's an empty referrer (means the player uses whatever privacy extension)?

leafoAdmin moved this topic to Ideas & Feedback 4 years ago

SkyCharger4 years ago( 1)

Could you please add a check if the supposed deeplink comes from the game's itch.io page? (I sometimes use "show only this frame" on games that do not seem to play nice with full-screen)

Deleted post4 years ago

Deleted 2 years ago

leafoAdmin4 years ago (2 edits) ( 1)

It sounds like you’re using some kind of browser extension that is changing how your browser works and is preventing our code from detecting what site the game is being loaded on. I recommend whitelisting our domains. You should let your browser send ancestorOrigins or referrer to the iframe hosted by us. Once you figure it out, if you can tell us what extension/option was blocking games from loading we can look into adding a workaround for it, or provide instructions directly on the page.

Regarding the amp page, we had an issue where we believed the code and page we created was getting blocked by some networks’ firewalls, so we used the amp cache as a quick way to load the page through an alternate URL. There is no personally identifiable information on this page. I’m sorry you don’t trust amp, but we’re unlikely to change it. If you update your extension settings then you should never see that page as long as you’re loading games from itch.io. Thanks

Deleted post4 years ago

Deleted 2 years ago

leafoAdmin4 years ago( 2)

I don’t understand how you jumped to the conclusion about us not trusting our users. We added the sitelock to prevent random sketchy game sites from ripping us and our developers off. If it’s not working for you when viewing a game on itch.io, then you’re right, it’s broken.

I suggested testing what extension is causing the issue so we can identify why it’s blocking it and implement a fix to allow you and others to play games on site. The only third-party javascript we load on a project page is going to be google analytics, but you can continue to block that if you’re concerned.

Thanks

Deleted post4 years ago

Deleted 2 years ago

leafoAdmin4 years ago (1 edit) ( 1)

But origins are not since they are part of security policies and checking for modern browsers. We attempt to read the ancestor origins of the frame, and only read the referrer as a fallback for older browsers.

Deleted post4 years ago

Deleted 2 years ago

Sam from PBG4 years ago

This feature just decreases games visibility, even hotlinked games drive attention to the game and benefit to itch.io SEO. Restricting it will both drop Itch.io SEO and amount of gameplays games receive.

It's actually worse if games are downloaded and rehosted IMHO. At least for similar reasons image hosting websites do not protect images from hotlinking.

leafoAdmin4 years ago( 3)

That’s not how SEO works. Additionally, we have an official way for developers to generate a URL to embed their game on other websites if they want to distribute their game elsewhere. Thanks

kimbawin4 years ago

Hi, I linked my itch.io game onto my portfolio website and it was flagged as having been stolen. It's my own game on my own website. If you could rectify this, it would be much appreciated.

leafoAdmin4 years ago( 3)

Hello,

If you go to your game’s edit page, the go to the Distribute tab you can find a tool to create embed code for your game itself. Use that instead of trying to pull our CDN link directly out of the source of your page, we don’t allow that. Tell me if you have any issues. Thanks

D. Deschamps Magnetiques4 years ago

This feature broke my submission for a gamejam.

The magazine that endorse the gamejam make a review of all games but mine as it was f*cked up on itch.io.

Well... Actually it's to late to change anything and it's funny – in a very special way – to be the only one with a broken submission.

But well... That joke is not worth the maybe 30 hours I spent on this gamejam.

All I can hope, as I work in software development, is that you could have some more experience after «that disaster» (that the way I refer to it when I think about it) to avoid unexpected behaviours.

Thanks.

leafoAdmin4 years ago

Hey, I’m not sure why you’re posting again on the bottom. I gave you instructions how to use a game embed URL from itch.io to embed your game on another domain further up in the topic though. Are you unable to use it? Did it not work?

D. Deschamps Magnetiques4 years ago

Well, it's hard to explain but my submission use iframes with itself in it (the app load the app which load the app in frames).

But itch seems to prevent iframes. Not only iframes from other domains.

That's the point.

I feel a little bit angry for a lot of reasons, not only after the sitelock update. The gamejam was planned for August 2019. It was then decided to add one more month. Then the magazine take two more months to set the winners and another month before announcing the winner (the next magazine printing. And the sitelock update comes in the middle of all those delays.

It's bad luck as if any of those steps did not happened, I would have not face any issue.

So yeah, there is a little bit of bitterness in all that stack of events, unfortunately for myself.

Is it your fault ? No, it's not your only fault. Is it the gamejam endorsers one ? No, it's not their only fault.

Is it mine ? Yeah, sure. I should have switch from web to downloadable content sooner than what I do.

But the sitelock update should not have prevent a legitimate Itch.io hosted game to run on the Itch.io platform. That's what I tried to explain (not in my native language).

leafoAdmin4 years ago( 1)

If you are the creator of the game then you can generate embed code from your project’s Distribute edit tab that you can safely use inside of your project. We only block direct CDN urls.

DaedalusMachina4 years ago (1 edit)

Consider this a crash course on why 'hotlinking' is bad and why you should feel bad that as a 'game developer' you think it is ok to use that as standard practice.

There's a way to embed it properly or host it yourself as a fallback. It isn't itch's job to permit hotlinks from their CDN for you or anyone else.

Also iframes within iframes within iframes is such a screwed-up system that you might be learning gamedev for browsers from some book made for Internet Explorer 6 back in 1999. Time for you to learn HTML5 and the proper way to do game embeds from the itch platform.

PurpleViper4 years ago

This game isn't working

https://studio-black-flag.itch.io/click-of-cthulhu

it will like half load unity an then crashes saying im not using itch.io.

turn't off all my extentions

leafoAdmin4 years ago( 1)

What browser are you using? I had no issues starting it up just now.

PurpleViper4 years ago

im using mozilla firefox. and lit only found this

leafoAdmin4 years ago( 1)

I wasn’t able to reproduce it on my version of Firefox. Are you sure you disabled all extensions? You said it crashes, does it show anything else?

DaedalusMachina4 years ago

Try using 'Firefox Portable' from PortableApps or another website of your choice. That'll isolate any system issues and should permit you to load up the game.

firecat4 years ago( 3)

I found the problem, it seems like if anyone has an extension that blocks referer or spoofs it. The HTML game will send it to the itch.io page about game being stolen or hotlink. More information here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer

leafoAdmin4 years ago

Can you share what extension is it? I’d like to try to identify them so I can either include instructions or code workaround.

firecat4 years ago (1 edit) ( 2)

I use ematrix a copy of umatrix on pale moon browser. Inside the 3 dotted lines next to the power button you will then see the switch for "spoof referer header".

Deleted account4 years ago

Deleted post

Aoifee4 years ago( 3)

Firefox has a built-in feature which allows you to open a frame only in a tab, i.e. cutting out the other website clutter. This triggers the sitelock thing, even if it was accessed from itch.io . Dunno how possible it would be to allow this while still stopping theft but it'd be very convenient.

CyberneticSusurrus4 years ago

Same issue here. Which becomes a problem when some games don't want to load otherwise.

Beuc4 years ago

How about letting devs decide whether they enable sitelock?

leafoAdmin4 years ago (1 edit) ( 1)

You can do this by using the game embed tool: https://itch.io/updates/introducing-game-embeds

Beuc4 years ago( 1)

I don't understand: when a privacy-enhanced user checks a game's page (e.g. because they found it via itch.io search), they just get the sitelock warning indefinitely and confusingly. Are you saying gamedevs need to ensure users play the game from outside itch.io via an embed?

Just let us decide whether to enable it.

leafoAdmin4 years ago (1 edit) ( 2)

I think you’re talking about two separate things,

when a privacy-enhanced user checks a game’s page

If someone is seeing the sitelock on the itch.io page that’s a bug on our end. We’re looking into fixing it

Are you saying gamedevs need to ensure users play the game from outside itch.io via an embed

If someone wants to host their html5 game on another site, then they need to use the itch.io embed. We will no longer allow people to use our direct CDN links. It was abused too much. This is in line with how we do downloadable games as well: we don’t provide direct links to files, you must go through itch.io to download. This is important to help keep the platform alive by letting people discover itch.io. I hope you understand, thanks

(There are other advantages to using the itch.io embed code as well: we can make features like analytics and in-game APIs work seamlessly)

finbikkifin4 years ago( 1)

Persistently getting hit with this on https://watabou.itch.io/toy-town (latest firefox, ublock origin, https everywhere, privacy badger) but other pages (like https://watabou.itch.io/medieval-fantasy-city-generator ) are working perfectly fine. Tried disabling extensions, same problem.

leafoAdmin4 years ago( 1)

Can you share what your browser privacy settings are on firefox? Under the “Enhanced privacy protection.”

If possible, you can try adding https://watabou.itch.io/ and https://v6p9d9t4.ssl.hwcdn.net to the exceptions list to see if it makes any different.

I think long term we’re going to change our implementation to something that doesn’t rely on referrer data.

Thanks for testing

Mysideep4 years ago( 1)

hey! im playing a game in browser on itch.io but it keeps telling me ive stolen or hotlinked it?? i dont know whats going on! thanks!

Mysideep4 years ago

The game is called Known Unknowns, and it's great!! But I'm definitely playing it on itch, using the in browser player! It's a delight of a game, and even though I'm finished with it, I'd rather other people not have to deal with this issue! Thanks!

JohnDoeNews4 years ago

I noted a weird link in my analytics, as source of traffic.
It started with itch.io/embed-hotlink/ and then a bunch of numbers.

Clicking it, I saw someone tried to steal/hotlink my "game" (which wasn't even really worth stealing.)
But I can not see which site tried to hotlink my game.
Is there a way I can find this out?

leafoAdmin4 years ago

If you see that link in your referrers then that means that our sitelock has redirect users from a site that tried to steal your game to your itch.io page.

We don’t record analytics for where the embeds are coming from, so we’re unable to tell you where the site was being embedded. Sorry

JohnDoeNews4 years ago

Oh bummer. Might be a great option if that is possible in the future.
Knowing someone tries to hijack your game is good, but knowing who it is would be even better.

Thanks for your reply anyway.

Dr. Ludos4 years ago (3 edits) ( 1)

Hi, I've just noticed that one of my browser game is no longer working when played from itch.io.

The HTML5 game simply no longer loads in the "frame" that contains it. And when I try to directly open the page inside this frame to play the game (using Firefox => open the content of this frame in a new tab feature), I got a hotlinking/stealing page that told me to post here.

So here I am! The game with the issue is this one:

https://drludos.itch.io/shootanoid

It's a standard HTML5 game embedded on itch.io (single html5 page), the game is made with the TIC-80 fantasy console.

Can you please fix it if possible?

Thanks a lot for your help!

Alessandro "NeatWolf" Salvati4 years ago

I just tested it and the issue is still there for me :/

racascou4 years ago

I'm not going to update itch every time my game is updated, also the lock makes the referal broken.

So why don't you guys just add a "embed external game URL" for HTML5 games next to the zip/html file upload and make it easier for everyone?

leafoAdmin4 years ago (1 edit) ( 1)

So why don’t you guys just add a “embed external game URL” for HTML5

We want people to upload their games directly to our platform and not use the “External link” feature. External links can break and tend to provide a poor user experience. (They break our apps ability to auto-update, we can’t track when files are changed, people provide links to things that aren’t direct files, it’s hard for us to verify that links are still correct and work, etc.) We will be deprecating external links for downloadable games in the future.

I’m not going to update itch every time my game is updated

Just like downloadable games, if you want to update your game you should upload a new build. Depending on how technical you are, you can automate this using a CI provider and butler.

also the lock makes the referal broken

Can you explain? The sitelock code does not change how games have been embedded, it’s a script that runs after the game is loaded that checks where the the iframe is located.

racascou4 years ago

I understand and respect the decision, just note that it does come at the cost of risking to have outdated games because of the upload process.

About the referal, I mean that the google analitics referal list shows "someID.ssl.hwcdn.net" instead of the usual itch.io link. Not a big deal, and I think it's not hard to fix.

Alessandro "NeatWolf" Salvati4 years ago

https://squidsquadgames.itch.io/tanuki-sunset

Free game, same issue, 160 days later :/

Is there any fix yet? I periodically stumble on this kind of issue.

Could you please fix that?

slavik_korn4 years ago

Hello! My site is game-game.com.ua. And when you open your game on it, I get this answer: http://www.game-game.com.ua/183501/

BigLeadBall4 years ago

I bought it and I'm loading it from https://quasiotter.itch.io/no-secrets but it says I can't load it. I'm using FireFox on Linux.

PC0124 years ago

https://ejadelomax.itch.io/sortinghatchats isn't working while on itch.io itself.

leafoAdmin4 years ago

What browser/extensions are you using? I don’t see any issues testing on Chrome with no extensions

PC0124 years ago

Oh, nevermind, I got it to work by turning off Smart Referer! Thanks for reminding me to check what addons I had, I hadn't thought any of them would mess with it like this.

candle4 years ago (1 edit)

Hey I think this is what is causing my issue (https://github.com/itchio/itch.io/issues/1083) with flicksy (https://candle.itch.io/flicksy), which relies on being able to fetch its own javascript source code. I'm not trying to access it from outside of itch at all, but the javascript code seems to end up on a different origin to the page that's actually running it when you launch it from the itch page. Is there a way to disable this?

I tripped over this because my code assumed that the only script tags in the page were my own--I have an issue (https://github.com/itchio/itch.io/issues/1083) where I described how I'm working around this now, but it would be good to have a less hard-coded way to do this.

Tim Magee4 years ago (1 edit)

Hi,

I'm having trouble running any of the web-based games.

An example is

https://damonwakes.itch.io/draw-nine

I've seen people mentioning the Referer: header so I captured it with the network tab of the developer tools:

Referer: https://itch.io/bundle/download/<possibly sensitive bit>?page=53

... which looks intact.

Thanks,

Tim

Edit: using Firefox on Windows.

leafoAdmin4 years ago

In this case, the referrer will not matter. It’s possible you’re using some privacy extension or browser setting that is preventing the browser from operating normally? You may want to try temporarily disabling those things to see if it makes any difference. An alternative approach, you could try running the HTML5 games in our app, as it will let you download a local copy of an HTML5 game.

Hope that helps

Tim Magee4 years ago

Thanks for the reply leafo.

Yes, I'm using umatrix in the browser and privoxy in the router, but I'd already tried bypassing both those.

I'm not really an 'app' sort of chap, so in the end I've installed a different browser on a USB stick for use with itch, and games are running OK on that. It's like using a dedicated app, but with more buttons & switches exposed. You can never have too many buttons and switches!

Cheers,

Tim

scratchie4 years ago

https://jamie-rollo.itch.io/gamut-maker ... this is hitting issues. I'm not the developer, but the customer. Am very much about privacy, so won't be turning off add-ons. Can't believe how broken itch.io is suddenly, especially when have paid for things, and devs need to have games easily seen and accessible. Terrifying to click through into my Library, then onto a purchase, and to see 'you're not on itch.io' plus a huge red square. Was it specially designed to look hacked and worry people? Seems so, as the relevant notice is in smaller print, and actually took a while to see. I'll need to not use itch.io anymore, but will support devs who direct me to a secure link/site where I can support them/make a purchase.

Drewleet3 years ago

It won't let me play cuz it says i hacked it when i played on the site pls fix this

Drewleet3 years ago

ok you probs kno why im here so bai

mid3 years ago (1 edit)

No, we don’t. You didn’t mention the exact issue you’re having.

xalezar3 years ago

Hi there, I'm trying to sitelock my html5 game so I made it only run if the domain is "v6p9d9t4.ssl.hwcdn.net" which works in the browser. But today I installed the itch desktop app for fun and noticed the game does not run. Are there any other domains I need to check against?

xalezar3 years ago( 1)

Nevermind, I just realized it's because HTML5 games need to be downloaded and installed locally to play it through the app. It seems that my music mp3 assets are exposed. Is there anyway to obfuscate that? (Or is there something I need to do outside of itch.io prior to building my files?) Because I spent a lot of time composing and producing those soundtracks. Would be sad to see them get stolen and used elsewhere.

mid3 years ago( 2)

This is not possible, I’m afraid. Any files the game needs will be downloaded and thus on the player’s computer. And security through obscurity has been shown to never truly work. Your best bet is to send DCMAs every now and then.

securas3 years ago

Hi everyone! I'm a bit of an idiot regarding this sitelocking mechanism so here are a few questions:

- Is there a procedure to perform to protect one's html5 game or does the autolock actually run automatically?

- My game (dracunite for the lowrezjam) has been stolen by a bunch of sites... So... I was assuming that if the autolock is working automatically... It no longer is or these sites found a workaround it. Is there anything I can about it?

thanks for any help!

And the culprits I found on the first page of a google search...

https://arcadespot.com/game/dracunite/

https://kbhgames.com/game/dracunite

https://gamasexual.com/dracunite-game/

https://www.y8.com/games/dracunite

xalezar3 years ago( 1)

An older version of my game has been stolen by some of the same culprits you list. But then I discovered sitelocking and it's been fine since then.

To my understanding, you just have to check what domain your game is hosted on. I don't know what framework you're using, but in Game Maker Studio 2, what I do is first grab the domain using

domain = url_get_domain();
    
if ( domain == "v6p9d9t4.ssl.hwcdn.net" || domain == "uploads.ungrounded.net" || domain == "b-cdn.gamejolt.net" ) {
    legit = true;
}

Then I ask the game to run if "legit == true", otherwise, display a UI that shows my game's logo, URL and an explanation that you can play it on itch.io. "v6p9d9t4.ssl.hwcdn.net" is the domain to check for for itch.io.

Hope that helps.

securas3 years ago( 1)

Thanks! I'm using godot and I'll try to implement something similar to this!

Unicorpse3 years ago (1 edit) ( 1)

Hi, I've been trying to make my game accessible via source code but am getting this error:

"You're seeing this because the site you loaded the game on tried to steal or hotlink it from itch.io. Play the original game safely & securely on itch.io."

The game is on itch though, and I am the owner.

Is it possible to resolve this please so that the game can be included in other collections via source code?

Here's the game/link that brings up that notification ^ https://itch.io/embed-hotlink/2046604

strangeglyph3 years ago (1 edit)

Hi, I'm getting the sitelock issue on https://impbox.itch.io/encumbered (among several others), using Firefox Nightly. This issue even persists after turning off all privacy extensions and disabling Enhanced Tracking Protection for that page.

EDIT: The solution was to turn off network.http.referer.spoofSource in about:config, but that is not a long-term solution to the problem.

RetroWonder3 years ago

I tried playing a Dr. Ludos game & it brought me here https://itch.io/embed-hotlink/1005038

BigLeadBall3 years ago

I'm using firefox on ubuntu with an adblocker and I can't play games on itch.io

I completed https://rbatistadelima.itch.io/out-there and it did a thing and then I got the site lock notification

baronweaver3 years ago

Hello, I got the game through a bundle but when I come to play it it just keeps telling me I should be playing it on Itch.io. I have tried it with adblock and everything else disabled. Is there a way to download the game by chance?

Evolutionary Games3 years ago

You would have to go the developer's page on itch.io and play it there. Alternatively, you can download and play it through the itch game console.

baronweaver3 years ago

Oh thank you! Could you link me to the console please? I just find games tagged with console when I try.

Evolutionary Games3 years ago

Download App - itch.io

baronweaver3 years ago

Thank you again!

Horatio Von Becker3 years ago

Hi! I'm using Waterfox. None of the browser games seem to believe I'm actually on Itch.io? I've tried disabling my addons; no luck.

Any idea how to fix it?

merwok3 years ago

Hello! I saw this for the first time today. For months I’ve got used to open the iframe in a new time to avoid javascript sandboxing errors (indirect call to null and others) that prevented many games from loading. It could be firefox third-party tracking protection and/or privacy plugins that cause this. It was fine to get these errors when the workaround worked, now I’m not sure what to do.

leafoAdmin moved this topic to Developer Updates 2 years ago

Sonic15 days ago

I just wanted to play sprunki phase 1

leafoAdmin14 days ago( 1)

Then play it on itchio instead of the scum websites that steal the game from us.

Log in to reply Join the discussion. Log in or create a free itch.io account to continue.