Glitch needs a custom header

Can you explain what it does?

Prints a glitched up text version of ‘powered by glitch’ in the console/

image

I don’t think is what OP meant by adding a header, as this has nothing to with headers. Headers are sent from a remote to a client, or from a client to a remote. Headers are considered meta information in a HTTP request, meaning that before the client or remote receives any body data they’ll do handshakes and exchange information such as headers.

2 Likes

tl;dr;

Its info from the server used by your browser when you visit the site. However, they can also be used by humans to get info about a site.

Ok. ‎‎‎‎‎‎‎‎‎‎‎‎‎‎‎‎‎‎

Well, this would probably be a problem for Glitch because users may not want Glitch’s name to be on their projects and they would move to another service.

I don’t really see why having “Glitch” in the server headers is an issue. Many services and hosts add headers. Cloudflare adds headers and they have millions of customers.

3 Likes

I stole the idea from AdInPlay. If you go to mayank1234cmd.glitch.me on the console (ctrlShiftI) it shows it in colored

Edit 2: Added it in mayank1234cmd.glitch.me/glitchPowered.html

people would get unahppy if they found javascript was being injected they might even devise methods to counter it

The Glitch header would be sent by their proxy, not injected to the projects source

1 Like

Would still be injection. They are putting code in their code.

“Code Injections” by Glitch are nothing new. Glitch has a proxy infront of every project to prevent pings.

1 Like

It’s not code injection, it’s proxying. The two topics are entirely different and cannot be compared up to one another.

The specific task of a reverse-proxy is forwarding the request of a client to a server, and send back the result. However the proxy is modyfing the returned headers, which is not considered injection it’s considered a man in the middle attack, however this is not an attack because it’s intended for their proxy.

1 Like

Hence the “code-injections” in quotes.

Bump, this really needs to happen!

4 Likes

Bumping this thread again because this quite important.

Right now when a Glitch site is behind Cloudflare, there isn’t a way to verify it is on Glitch, which is a bit of an issue.

1 Like

You can actually check if a project is a glitch project using this:

https://api.glitch.com/v1/projects/by/domain?domain={project.domain}

However, this only applies if the domain is proxied by Glitch. If a person decides to use their own reverse-proxy there is simply no way of knowing, because a custom reverse-proxy could just block the Glitch header anyway.

However, because of the few amount of people who have the ability to host their own reverse-proxy I still think it is worth it to add a custom Glitch header!

https://cdn.riverside.rocks/a/sphynx-ocicat-sauroposeidon.png

It sounds quite neat but I can’t get it working. Does it require a authentication header?

It appears not to be working, I’ll debug it and see what I can do on my end. Give me a few moments and I’ll get back to you.