Jump to content

Dealing with your HTML5 game if it is being hijacked?


Recommended Posts

Hi guys,


I've recently posted my latest HTML5 game in this forum, http://www.html5gamedevs.com/topic/3424-quacky-mcfly-endless-running-casual-game/, and it's just been 3 days and a website already taken advantage of my game without permission and using their ads to get money from it, which you can find here http://gallery.mobile9.com/f/3782338/?ref=4665. Available for download using unverified Android APK for Android device.


I suspect this guy is using webview as a wrapper to my game directly from my game link, as I tried to download, install and open it, he also got the latest version of the game (I already reset factory settings to prevent any possible spyware, lol).


I do realize that this would happen, but I still haven't find the right way to prevent this and I don't expect it to happen so quickly.


Noow, to the question, my question is not really about them exactly, but I really would like to know if any of you have experience with this problem with your HTML5 game and what you do about it? and what do you do to proactively prevent this from happening either technically or legally (even though you know this may happen, but you do it anyway to delay it)? and if you do not feel a need to prevent it even if there's a chance they can claim your work, why?


Thank you for your opinions/answers.

Link to comment
Share on other sites

One method to prevent this from happening would be site locking your game. During loading screen, check if the game url is from a trusted domain. If you cut the string containing the domain to be checked in parts, it becomes very difficult for a third party to change it to his own domain, especially if you are minifying your script.

Link to comment
Share on other sites

One method to prevent this from happening would be site locking your game. During loading screen, check if the game url is from a trusted domain. If you cut the string containing the domain to check in parts, it becomes very difficult for a third party to change it to his own domain, especially if you are minifying your script.


Nice idea. It's good for those who get the files directly.


What if they're using a wrapper application that has a webview that loads directly from my link, as if it is a normal browser that he can manipulate with? I know how to do this against iframe but I don't know against these native wrapper applications.

Link to comment
Share on other sites

Well, indeed I assume site locking won't work if the game is loaded from your own domain.


I don't know really much about it, but I guess either you change the game url, or you completely block your game if it is running in standalone mode. Both solutions have issues though. Maybe there is another way...


Hope I could help

Link to comment
Share on other sites

A few things to note:


- Always have some kind of credits / linkback to your own game. Even if a game gets plays elsewhere, you'll at least benefit from some exposure driving traffic back to you. This also helps give you the credibility you are the original creator of the work when you request it to be removed from platforms.


- Consider running a very simple server that responds to very simple get requests. e.g. a http request to the url yourserver.com/?game=game_id will return the latest version of your game. Run this request ingame, and if it's different from the one you're hosting on your own website, quit the game and simply show a button linking back to your own website or partners. You don't actually have to change the game at all, but you can simply change the ID number monthly and reupload, should take 3 minutes per game. It's a small effort on your part that can be circumvented by a slightly bigger, yet still smallish effort on the pirates' part, but generally all they do is run a script, download all your files, find a suitable icon-image and package these things in bulk. If the game doesn't work, it's unlikely they'll go through the effort of trying to hack it somehow. So even small deterrents really help with small games that are auto-pirated in bulk, especially by people clueless about anything other than downloading, packaging and uploading other peoples' work.


- Mail the content provider/host. Very often pirates will host or market a game through entirely legitimate sales channels who have a policy of complying with IP-infringement complaints because their business can't legitimately exist if it doesn't honor such requests. While some of such hosts won't go out of their way to fight piracy on their platform, they will generally honour requests to at least keep up the appearance of being anti-piracy. This generally works much better than contacting the pirate himself. Which is the next thing you should do.


- Ignore it. If you look closely, the pirate has less than 400 downloads on 10 games. 40 downloads per game on average. (for your game probably a bit less, e.g. he also pirated Zombies Can't Jump which is probably a big chunk of those 400 downloads!) You're *not* missing out on any revenue. Those 40 downloads are probably worth about 50 dollar cents. If you have a job that pays $15 an hour, spending more than two minutes on this means you have a more profitable opportunity cost haha. For smaller game titles, piracy generally has no effect on your sales, not to the extent that going out of your way to prevent it is worthwhile.

Link to comment
Share on other sites

Just send them DMCA - give them 7 days to respond. If they fail - send DMCA to their host - most of hosting companies will react on it within few days. You can find examples of DMCA/Copyright documents online with no problem.



Here is example form:



Believe me - hosting company will act on this asap. If not let me know, I had run hosting company before so I know how to handle stuff like that :)

Link to comment
Share on other sites

if they are directly wrapping your game. you could try checking for agent info. (Mozilla stuff).. when it's not from a legit browser don't block them.. make the game run in "demo" mode.. put nag screens etc. and redirect the game to your page.


or.. just put a ad inside the game :D


but yeah.. talk to the hosting company. it should be the best way

Link to comment
Share on other sites

  • 3 weeks later...

One thing that might help is to obfuscate the code and lock it to a certain domain or list of domains.

I had a similar problem and found JScrambler to be very effective.


Also, by garbling your code, you reduce the chance of someone tampering with it. Which, sometimes, is the only way a cracker can abuse your code in some way. 


Hope this contributes to your issue :)

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...