jasonlam510 / Cityu-Hall-Laundry-Status

How was the `fetchUrl` obtained? #4

Open TrulyBright opened 5 months ago

TrulyBright commented 5 months ago

I'd like to know how the API endpoint `fetchUrl` was obtained. Possible ways to do so in my mind are asking the SRO, decompiling the CityU app, intercepting its HTTP requests, etc.

jasonlam510 commented 5 months ago

Of course not asking SRO :) Your last idea is the answer.

TrulyBright commented 5 months ago

I see. Thank you for the kind reply and the convenient website 😊 I'm worried that exposing the API endpoint to be searchable online might leave it at risk of DDoS, though I think an actual attack is unlikely. I hope the SRO has some security measures.

jasonlam510 commented 5 months ago

Yeah... I feel shocked that the API doesn't require any authorisation... I know what I have done, but they have responsibility too (security and stupid app). I don't think SRO takes any action on that but ITS, SRO won't care about this.

The objective of this project is to provide a convenient alternative way to look up laundry status; I don't expect anyone to misuse the API.

Btw, I will review your code after exam :) Thank you for your contribution.