gitwtfhub

wtf is iframe-500usd-challenge?

amaury1093/iframe-500usd-challenge — explained in plain English

Analysis updated 2026-07-17 · repo last pushed 2022-04-12

1JavaScriptAudience · developerComplexity · 4/5DormantSetup · moderate

TL;DR

A $500 coding challenge: build a proxy server that lets StartPage load inside an iframe despite its anti-embedding headers.

Mindmap

mindmap
  root((repo))
    What it does
      500 dollar bounty
      Embed StartPage
      Proxy server
    Tech stack
      JavaScript
      HTTP headers
    Use cases
      Embed search engines
      Learn proxy servers
      Web security puzzle
    Audience
      Developers
      Security enthusiasts
    Rules
      Works cross browser
      No browser extensions
      First PR wins

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Why would anyone build with this?

REASON 1

Build a proxy server that strips iframe-blocking headers from StartPage responses.

REASON 2

Practice working with HTTP security headers like X-Frame-Options and CSP.

REASON 3

Win a $500 bounty by submitting the first working pull request to the starter repo.

What's in the stack?

JavaScript

How it stacks up

amaury1093/iframe-500usd-challenge0xmukesh/docusaurus-tutoriala15n/andrewscheuermann
Stars111
LanguageJavaScriptJavaScriptJavaScript
Last pushed2022-04-122021-12-272015-01-11
MaintenanceDormantDormantDormant
Setup difficultymoderateeasymoderate
Complexity4/52/51/5
Audiencedeveloperdevelopergeneral

Figures from each repo's GitHub metadata at analysis time.

How do you spin it up?

Difficulty · moderate Time to first run · 1h+

Requires building and hosting a working proxy server, not just editing config.

Yoink these prompts

Prompt 1
Help me build a proxy server in JavaScript that strips X-Frame-Options and CSP headers from StartPage responses.
Prompt 2
Explain how I'd forward StartPage's search box, navigation, and JavaScript through a proxy so it still works inside an iframe.
Prompt 3
Review my proxy server code against this challenge's rules about cross-browser support and no browser extensions.

Frequently asked questions

wtf is iframe-500usd-challenge?

A $500 coding challenge: build a proxy server that lets StartPage load inside an iframe despite its anti-embedding headers.

What language is iframe-500usd-challenge written in?

Mainly JavaScript. The stack also includes JavaScript.

Is iframe-500usd-challenge actively maintained?

Dormant — no commits in 2+ years (last push 2022-04-12).

How hard is iframe-500usd-challenge to set up?

Setup difficulty is rated moderate, with roughly 1h+ to a first successful run.

Who is iframe-500usd-challenge for?

Mainly developer.

View the repo → Decode another repo

This repo across BitVibe Labs

Don't trust strangers blindly. Verify against the repo.