Sitelock
This page applies only to the HTML5 and iframe games since the Unity SDK already contains a sitelock.
Protecting HTML5 games
To prevent your game from being stolen by other websites, you should consider checking if the game is running on CrazyGames or not.
An HTML5 game will be loaded from a URL that looks like this https://cubes-2048-io.game-files.crazygames.com/cubes-2048-io/13/index.html
. Your sitelock should check if the origin of the URL the game is currently running on ends with crazygames.com
. Sample code:
If not, you can, among other things, show a message "Available only on CrazyGames" or just a blank screen.
To improve the security of your sitelock, you can consider using an obfuscator (e.g.: https://obfuscator.io/) to obfuscate (part of) your game.
Protecting Iframe games
One way to prevent iframe embedding is by using the CSP header Content-Security-Policy: frame-ancestors [...]
. If you submit your game as an iframe game, you may have already done this to protect it from other websites embedding it. You should be aware however that CrazyGames has a lot of regional domains, for example, www.crazygames.no, www.1001juegos.com, www.crazygames.fr.
This is the full list of domains that you will have to whitelist:
www.crazygames.com
www.crazygames.cz
www.crazygames.dk
de.crazygames.com
www.1001juegos.com
www.crazygames.fr
www.crazygames.co.id
it.crazygames.com
www.crazygames.hu
www.crazygames.nl
www.crazygames.no
www.crazygames.pl
www.crazygames.com.br
www.crazygames.ro
www.crazygames.fi
www.crazygames.se
vn.crazygames.com
tr.crazygames.com
gr.crazygames.com
www.crazygames.ru
www.crazygames.com.ua
ar.crazygames.com
th.crazygames.com
crazygames.at
crazygames.jp
crazygames.pt
crazygames.vn
crazygames.com.vn
crazygames.co.kr
// video ads run on
games.crazygames.com
// other domains
*.crazygames.com
crazygames.* // * can be a TLD consisting of 1 part like .fr, or 2 part like .com.br