This is definitely a trademark infringement. Don't wait for the C&D, just change it so your name is not publicly (and forever) attached to a legal dispute.<p>It's a cool project, but using Google's name to add prestige and an implicit endorsement is not something that Google can easily abide.
Just in case this becomes popular, I've created <a href="https://googleblade.googleblade.com" rel="nofollow">https://googleblade.googleblade.com</a> to search for Google Blades. :p
Just a little side project here, something I always wanted to build because I get tired of typing stuff like site:whatever.com and intitle:something when doing power searches on Google. Happy to answer questions.
I've spent most of the last 10 years doing some variation of SEO or Affiliate marketing, always happy to try new methods regardless of how white hat they may be. Just fun to try and see various methods for the most part. For what it's worth, Google has always been surprisingly terrible at reacting to spoof sites and use of their trademark in domains. I am big fan of CSE, I use it as the primary engine in over 400 sites ( paid version) and enjoy the analytics integrations, exclusion options and often try to use it for many out of the box filtering techniques in sites ( how about an agent locator search by zip code using only CSE and schema)<p>Anyways, my first application of it was for toolbars downloads for webmasters with CSE for custom searches just like your blades. Profit from each download and the Adsense. It brought about 22k in a year between CPI, Adsense earnings and some built in afflinks for hosting and domain tools plus Amazon cookies for about 6 hours of work and marketing.<p>The point. The joy of CSE is that you can brand as you please, what you are making and the exposure you just got for this concept could be a decent passive income so there is no good reason to risk infringement and repercussions on the Adsense side when your project could easily give you some cash, if you don't need it, then donate it but why risk that aspect, Google doesn't need the help for promoting the product, it powers many an internal website's search for the paid product. Buy an alternate "bladesearch" domain and redirect it and see if it gets any love on the merit of the search concepts you devise.
Is this doing a `site:` search on Google? If it's doing something more, what is it?<p>Also, FWIW, the HackerNews blade doesn't return anything (I tried some pretty basic searches on it.)
If you're wondering what kind of traffic #25 on the front page brings in:<p><a href="https://twitter.com/GoogleBlade/status/811681152046141441" rel="nofollow">https://twitter.com/GoogleBlade/status/811681152046141441</a><p>About 1,000 uniques so far, 20 signups.
Just wanted to update you guys that I took everyone's good advice, and changed the name of this project to <a href="https://bladesearch.com" rel="nofollow">https://bladesearch.com</a>.<p>I'm sorry for any confusion I may have caused in making you think it was a service of Google's. I viewed it as a tribute to one of my favorite services of theirs (custom search engines) and let that cloud my legal perspective.<p>Anyway, I didn't hear from Google, but also didn't want them to have to engage their legal team, so I went ahead and rebranded today.<p>Lesson learned, and thanks again everyone for the great feedback yesterday.
I also managed to execute JavaScript by adding
<img src=x onerror=alert(1337)>
to my blade description, it seems to run on the home-page or here: <a href="https://ftp.googleblade.com/jenoer" rel="nofollow">https://ftp.googleblade.com/jenoer</a><p>Edit: Unfortunately I have to go to bed, if I find anything else tomorrow I'll drop you an e-mail.
You're not validating the provided email address when someone signs up. And note, there's only one 100% correct way to validate an email address: <a href="https://hackernoon.com/the-100-correct-way-to-validate-email-addresses-7c4818f24643" rel="nofollow">https://hackernoon.com/the-100-correct-way-to-validate-email...</a>
I like this one by PeteD - it searches 12 different bike part websites at once:<p><a href="https://bikeparts.googleblade.com/bikeparts/brooks%20saddle" rel="nofollow">https://bikeparts.googleblade.com/bikeparts/brooks%20saddle</a>
I suggest you blacklist a few more subdomain requests, for example, I took ftp.googleblade.com, api., smtp. and could take a few others which could disrupt future expansions on this project.
It looks like your edit profile page[1] allows password changes without specifying the current password.<p>1 - <a href="https://googleblade.com/edit" rel="nofollow">https://googleblade.com/edit</a>