Block News Genius Annotations
Recently, Genius released a product that would allow anyone to annotate any page on the Internet.
There’s been a fair bit of media coverage on why such a feature harbors a potential for harassment or abuse, especially given that content publishers have no control over whether their work is annotated.
So, I wrote a gem to block it.
Genius Blocker is a simple piece of Rack Middleware that forces a page redirect should someone attempt to navigate to a site with
genius.it/ prepended to the URL.
I originally set out to accomplish this task by checking the request referer1 for a given URL. My plan was to redirect for any URL that listed
genius.it or similar as the referer. Simple enough, right? I headed over to Request Bin to mock out a request from News Genius so that I could inspect its headers.
I was in for an unexpected surprise.
Hitting my Request Bin URL with
genius.it/ prepended onto the URL and returned a response headed indicating a host of
requestb.in rather than
genius.it. In other words, it appears that News Genius spoofs the URL so that it appears as though the request is coming from the site meant for annotation, rather than Genius. I’d like to believe that this was simply an oversight, because altering headers like this is poor web etiquette. This post is not intended to be another “The Internet is a shitty place” piece, but it does trouble me that an established company that ostensibly attempts to offer a useful service might deliberately engage in this sort of behavior.
Given this discovery, I knew I needed a different approach. Since it seemed unlikely that I’d be able to deal with the request completely on the server-side, I switched gears to a client-side solution instead.
Pretty simple - if a page has the genius URL, a script tag is added to the headers to redirect.
Pop open your web inspector and type
First, I created a variable,
var annotated, which returns a boolean if
genius.it/ is present in the URL. then I force a redirect if
annotated evaluates to true.
Next up is an effort to make the URL checking more robust by looking for a
hostname equal to “genius.it”. This is a fairly simple switch but is a bit tricker to test given that a script tag will still be present no matter what.
The repository can be found here. I love constructive code reviews; if you have comments, please feel free to leave them in a pull request or GitHub issue!