Learn to Code via Tutorials on Repl.it

← Back to all posts
Bypassing School Restrictions
AdCharity (671)


Sometimes we just accidentally visit a site we weren't supposed to. And now, your school transcript and record suffers cause you have ** ** ** in your history. Oops! Oh whale 4 you! No. Just kidding. In this tutorial, we'll be reviewing how you can avoid, and even ERASE history on a school chromebook. Btw Method 4 is where the real coding comes in, so if you don't want to read, just stop there.


Schools actually try to help the well being of students by putting up filters and recording history. On the otherhand, if you look up something that's really messed up, there is still something you can do.

Method 1

Don't look it up. The 100% most effective method for avoiding all history problems (and STD's too!) is abstinence. You can't get in trouble if you don't do it.

But what if you already did the deed?

Method 2

If it's nothing serious, but you really want to hide that one youtube video from your dad, there is a way to cloak the tab under "Google Drive". Let's review what it does. The full script is here:

javascript:(function() { var link = document.querySelector("link[rel*='icon']") || document.createElement('link'); link.type = 'image/x-icon'; link.rel = 'shortcut icon'; link.href = 'https://ssl.gstatic.com/docs/doclist/images/infinite_arrow_favicon_5.ico'; document.title='My Drive - Google Drive'; console.log(document.title); document.getElementsByTagName('head')[0].appendChild(link);})();

Note: dots are there to save reading time. It's pretty self explanatory.
1. The first part (javascript:(function...) is just declaring that our bookmarklet is a piece of javascript. Without it, the script wouldn't even be allowed to be bookmarked.
2. var link = document... link.href = 'https://...'; gets favicon (the little thing logo representing the site) and replaces it with the "infinite arrow" google drive logo
3. document.title=...document.getElementByTagName('... the rest of the stuff replaces the document title with google drive, finds the head tag on the document and inserts all of the information we just did before. Now, when you check your history after activating (clicking) on the bookmarklet, your tab has been renamed Google Drive!

There are some pretty cool things you could do with this script - ie: putting it in a set interval to constantly cloak the current tab

Method 3

Well, maybe you went to far and cloaking the tab but not the link ain't going to cut it. How about this script:

javascript:(function() {window.location.replace("https://www.google.com"); })();

A while back, when I was trying to figure out how to make links that wouldn't save in the cache/history (which is why in my more recent projects I have some avoiding cache meta tags), I realized that replacing the window location literally ERASES HISTORY. This script replaces the current tab with a harmless site, google.com (making the other site that was up before GONE).

What is cool about this script, is (at least for me) I can click on any tab in my history, click the bookmarklet, and that particular entry is replaced with google! Some further revisions to the script could be making an array of potential sites and choosing a random one, to make the erase seem more natural.

Method 4

All of the previous examples are kind of like emergency methods. That's why, I'm introducing the use of iframes and embedding sites. A while back when I made Nova Haven (it's still up) iframes were the only method it employed. And a lot of "unblockers" are really just using iframes as well. When I figured I could just make a search thing, take the link and put it into an iframe, I just ecountered a huge relevation. And now, I'm going to teach you how to do the same.
Let's start by making a repl with html, css, and js. Rather than splitting up everthing (I hate those tutorials cause idk what they're doing). Do yourself a favor and look at the code so you know how to create your own projects :D If you find any errors, tell me... What makes this unique is that a lot of unblocked games sites just have an iframe with the site. Now you can unblock almost any site :)

1. take user input for a user url
2. set iframe
3. site unblocked (provided they don't have some fishy protection, which is why you can't unblock discord via an iframe)

Essentially, the unblocker looks like this (hasn't actually been tested, but it's a proof of concept):

HTML + inline Vanilla JS + inline CSS

html, body{
    margin: 0;
    padding: 0;
    width: 100%;
    height: 100%;
    border: none;
    outline: none;
    width: 100%;
    height: 100%;
    position: fixed;
    top: 0;
    left: 0;
<input id="unblock" placeholder="Enter URL"/>
<button id="go">Submit</button>
document.getElementById("go").onclick = go;
function go(){
    var target = document.getElementById("unblock").value;
    if(target.length < 1){
        alert("You need a longer link!"); return;
        document.body.innerHTML = '<iframe src='+target+'></iframe>'


Note: don't forget the doctype! (and other html standard conventions like a body or including scripts/styles)


Interesting tutorial about bookmarklets. Method 4 would not work in my school because they block iframes with "Bad" sites.

AdCharity (671)

@sanjaykdragon Same. But it will work against a lot of filters (or at least it did, which is what Nova Haven possible)

DavidShen2 (1)

My school blocked the inspect element function, so this doesn't work.

bithost (0)

@DavidShen2 What browser are your school using?

AdCharity (671)

@bithost wdym BOOKMARKLETS AREN'T INSPECT ELEMENT. Debes leer por favor

DavidShen2 (1)

@bithost Google Chrome. The inspect element thing is grayed out.

AdCharity (671)

@DavidShen2 bookmarklets are not inspect element. They are bookmarks of javascripts. If you don't understand that, you will not understand what I am attempting to tell you.

AdCharity (671)

@theangryepicbanana lmao I tried education... Method 1 is abstinence

Evanlicious (0)

I figured out that iframe method a year or two ago, but it stopped working due to my security extension, Securly, figuring out how to block those sites too. My best hope is in bookmarklets to exploit Chrome and Securly. Also, I don't believe bookmarklets can be blocked in any way.

AdCharity (671)

@Evanlicious oo securly as well huh? Securly now has iframe support as of about 3 months ago

lchu22 (0)
One last method:

If your school blocks a website on the router level, it would be impossible to access the site with any of the methods listed above. However, you could get a virtual desktop with a browser running using a vnc server. Now, you can do anything you want invisibly. I haven't tried running this on repl.it but check this out: https://medium.com/gitpod/developing-native-ui-applications-in-gitpod-15af2967c24e

AdCharity (671)

@lchu22 if your school blocks on the router level there's two other ways but I'd rather not spread them because they could potentially result in the abuse of repl.it

SeanXiao (0)


AdCharity (671)

@SeanXiao those are bookmarklets. If you can't read (as in the entire thing, sorry), it might be difficult to understand.

PDanielY (432)

Sometimes your school is VERY smart and blocks every way to unblock website. The keyword unblock is blocked on my chromebook

AdCharity (671)

@PDanielY even for this? should I rename it?

PDanielY (432)

@AdCharity No, Its block only the keyword unblock it doesn't block anything else

AdCharity (671)

@PDanielY lmao that's why you intentionally misspell certain words like "proxy" -> "proxie"

Evanlicious (0)

@PDanielY You can either add extra characters to words to get them through, or just use the Google Dorks. (Like intext:unblock website.)

PDanielY (432)

@Evanlicious Yea, I just learned about Google Dorks. Google should've blocked Google Dorking a long time ago

Evanlicious (0)

@PDanielY I would have to disagree with that; they have a lot of good purposes for them, to collect data, to find data, etc. While people do use them for bad things, the good ones outweigh the bad.

PDanielY (432)

@Evanlicious Yea but they should at least moderate it

niorg2606 (545)

This is interesting, I never thought of using iframes for this purpose. My school actually filters the HTML data as well as any outgoing HTTP requests, so I made HomebrewUnblocker to cloak those reqs. Maybe I was a bit extra? lol

AdCharity (671)

@niorg2606 that's pretty cool :D I also included a pdf option on Nova Haven before I took it down (I suggest you edit your comment and hide it too since most people will likely abuse it). Btw I like iframes because you can also block popups with them with the sandbox attribute.

niorg2606 (545)

@AdCharity Waaaiiiiit, there's a sandbox attribute?

AdCharity (671)

@niorg2606 yup I can share a multiplayer repl if u want

AdCharity (671)

@niorg2606 ok I'll add you (you should get a notification i think)

AdCharity (671)

@TaylorLiang ik :D (actually dying rn)

TaylorLiang (315)

@AdCharity that site is

exploitable for meme content