Ask HN: How do websites hide their APIs?

[parmenidean]

Apologies for the newbie question -- I've never really programmed a website before, so seeking clarity on this topic. I wrote a website that uses a REST API written in Golang on the backend. When I look at the network tab, I can see all the requests that the frontend makes to my REST API, as well as the full payloads. This makes sense -- any information I want to display on my website has to come from my backend, so there will always be some network call that contains everything needed on the frontend.

What confuses me is how websites like www.basketball-reference.com operate. Trawling through the network tab, I can't find any call to an API that loads the information on the frontend. Maybe this is the dumbest question alive (and please let me know if it is), but how do these websites disguise the payloads from their servers? Am I just not looking in the right place, is it encrypted and then decrypted somehow on the frontend, etc.

[KhalPanda]

It's not a stupid question at all.

They will most likely be rendering the page in full server-side. This is how things were done in the beginning, but also what a lot of websites are returning to, for performance reasons.

[parmenidean]

Gotcha, I think that makes sense! Just to make sure I understand -- on server-side, they're pulling in all relevant information from their own database and whatever 3rd parties are needed (maybe for injury reports, etc.). The server then generates an HTML page that it sends as-is to the client, which just faithfully renders the code? Thanks for the answer!

[beardyw]

And you can go half way by embedding your data in the page and working with it as you do now. Depends on what you are doing.

[KhalPanda]

Exactly that.

[2143]

The other answers already answer your good question.

I just wanted to add:

1. The words you're looking for is "server-side rendering".

2. After a decade or so of Angular, React etc, it seems people (not you, OP) have forgotten that HTTP can transfer things other than json, like plaintext, HTML etc. Whatever really.

3. You might want to read up on the OSI model. Just something to keep in mind. https://en.m.wikipedia.org/wiki/OSI_model

[snehesht]

These sort of websites work by generating html pages on the backend with html templates and sending out the rendered html back to the browser.

Here's an example of it in go - https://gowebexamples.com/templates/

[OrangeMonkey]

Hey, welcome to programming.

I guess my question is - what makes you think basketball reference uses a ton of api calls?

They do have some - search for example - but static sites and a mix of static sites and html works well for a lot of the web and can lower costs tremendously.