[netsharc]

Semi-related: On the old F1 website, they'd post the lap and sector times of drivers during an F1 session (practice, qualifying, race). First it was a Java app which had all the data, and then they got fancy and wrote it in JavaScript, and enshittified it: if you don't subscribe to their premium... website offering?.. you just get colored sectors whenever the driver's finished that sector (yellow as they've passed it, green if it's the fastest time they've driven through this sector, purple if it's the fastest of anyone, in the current session). I was wondering if they still had the sector times and just hid it on the frontend, and it was the case. There was an if-block that was called during initialization that checked if user was premium. Adding a breakpoint and adding a condition to set premium = true got me the sector times!

And then they changed their app to use Unity and WASM, and it's all Assembly-esque in the developer tool.

[jwrallie]

It’s always good to take a look, many things are decided on the client side, and developer tools are part of the browsers anyway.

The other day I wanted to make reservations for a service to send my luggage from the airport to my house in Japan, and the form was giving me errors.

Searching for the error string around I realized there was a timeout set on the client side, so I increased it and could slowly but smoothly fill in all the information that required a server check.

I guess they never bothered to debug their system when accessing it from the other side of the world. All it needed was a few extra milliseconds for the requests to arrive in time.

[kotaKat]

A major ISP's "outage check" feature sends all the data back client-side for the actual outage ticket, including circuit IDs, dispatch status, and if the outage is valid for customer credit. I now just hit that API as needed to check when shit goes sideways.

Meanwhile, if you put your ZIP in you just get a little friendly "We're working on it! :)".

I love data firehoses like that.

[lewisleclerc]

One of the dating apps with a web interface had a separate API to increment message counts sent to users. Non-premium users could only like profiles or send a limited number of texts. I simply blocked that API and was able to use the app like a premium user

[emptiestplace]

Leave some matches for the rest of us, Lewis. :<

[jillyboel]

Yep, this is why I'm not a fan of WASM. It's going to make debugging/reversing webapps much, much harder while that has always been one of the charms of the web.

[weikju]

Also makes learning from other sites much harder, which I think is another fundamental appeal of the web.

[dizhn]

Almost the same thing happens on one of the famous online guitar tab playing things and there's a little userscript that "fixes" it.

[pipe01]

https://f1-dash.com/