一樣是今天的 Hacker News Daily 上看到的東西,透過 YouTube 的 Private API 操作 YouTube 的套件:「Youtube.js – full-featured wrapper around YouTube's private API (github.com/luanrt)」。
這些 Private API 就是 YouTube 自己在網站上用的:
A full-featured wrapper around the Innertube API, which is what YouTube itself uses.
也因為這不是 Public API,也就不需要申請 key:
Do I need an API key to use this?
No, YouTube.js does not use any official API so no API keys are required.
當然可以預期他會無預警壞掉,所以可以自己衡量一下要怎麼搞...
比較有趣的是 Hacker News 的討論裡面反而有人在問要怎麼偵測這種 library 或是 bot XDDD
If you’re YouTube or any site, and want to stop these sort of wrappers - what’s the easiest way to do so without breaking your own site?
I find this task to be an interesting engineering problem.
A related question is if there’s an unspoofable way to detect a client.
不過掃了一下好像還好...