Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
@irene Looks like the answer is in the network tab of Google chrome dev tools. But since people here obviously have the experience of API sniffing (Since the devRant API isn't documented anywhere) I was wondering how they did it.
-
TobyAsE28116ySwearing a lot! It helps.
Searching the internet for the little documentation that exists, maybe other people have use the API before you steal their code.
Trying out a lot, even the stupidest things.
And swearing a lot, why those motherfuckers didn't document this pile of shit they call API. -
Reading the source code and understanding the pattern of endpoints.
For example, I documented an API that had
/api/resource/{any document type}/{any document}
and
/api/method/{dotted.path.to.method}
while there can be arbitrary methods and documents. You can find a list of available documents via
/api/resource/DocType
All functions in the source code that have @whitelisted annotation are available via the /api/method endpoint and the dotted.path refers to the folder structure. -
Also, you can use tools like Postman to capture and document HTTP requests:
https://learning.getpostman.com/doc... -
i actually do this quite frequently in order to get (faster) data from various apps as opposed to scraping (getting data from android apps is a walk in the park compared to ios ones, they're literally a security joke!).
it's not that hard once you learn how to capture https traffic and/or remove certificate pinpointing
So how do people figure out API endpoints without documentation?
question