Hacker News new | past | comments | ask | show | jobs | submit login

I was scratching my head on how he was capturing requests without mentioning a proxy cert, but then I saw the security note at the bottom.

  You'll see that the data for these products is sent in plaintext to and from their servers
The API seems to have a valid cert and is listening over HTTPS - strange that the app client uses plaintext.

  curl https://api.petkt.com/
  {"error":{"code":97,"msg":"App is out of date, please upgrade"}}



The deadline for YC's W25 batch is 8pm PT tonight. Go for it!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: