upvote
I'm the original author (but not the poster here on HN).

Yeah, I considered that. I even wrote the code in such a way that it supports that. But I'm concerned about the legality of distributing it. Given that it hits API endpoints that were expected to be private to the developers' app, giving away a "tool" that bypasses the app (which hosts ads, albeit for their other products, and so serves as a money-maker for the app's owner) could be illegal.

At the very least, it could be a violation of the terms of service or just an annoyance to the app developer, either of which could lead them to trying to stop me from doing it, which would be an inconvenience. So maybe I'll wait until after the trip, when the page becomes useless to me, and THEN open-source it!

reply
Hey, thanks for the follow up! That makes perfect sense to me. Personally, though, I was thinking more of a "competing service" than a "steal your content" kind of offering.

I know hosting an entire sign up process and user content is not something you can just build and forget about, so my thought was that a sufficiently decent website could bundle a package that could be hosted on existing organization infrastructure. A zip file of the user's content that they could upload to dropbox/drive/sharepoint/etc. Then the consumer page would match a url slug to a package file and serve the content that way.

It's... a lot of stuff for a quick workaround project. And it's a pathology of an engineer to make solutions where solutions aren't needed. So grain of salt on any of that. But I did want to clarify since you were willing to engage with the concept, as understood. Hopefully this proposition strikes you as less concerning/illegal! I never want to steal anyone's work or infrastructure. I just believe that better alternatives - even ones borne of seeing how badly other people are doing it - can and should win out, if people ever provide them.

reply
I wanted to ask, why did you go with reverse-engineering using network traffic instead of decompiling the app locally and looking for endpoint definitions?
reply