yea, the title pretty much sums it up. Is it allowed for an app to access ressources on api-v2.soundcloud.com?
Is there any documentation for it?
Relevant since I'm currently working on a soundcloud app and I just recognized that most of the calls on the websites itself are done with api-v2. The responses from the server would be extremly helpful to build some kind of infinite streaming which is the feature I like most about soundcloud.com.
I cant speak for SoundCloud, but gryzzly (a former SoundCloud engineer) stated in a previous answer:
Letting you know, that using undocumented APIs is not going in line with the our developers’ Terms of Use.
Related
after reading all the threads on stackoverflow and other platforms, I still wasn't able to find an answer, which satisfies me.
The task:
I want to create a single page application (SPA) which receives data from a REST API. In this SPA, NO authentication should be used. It's a public site.
But the REST API should only be accessible from people who loaded the SPA from my webserver.
I assume this is only solvable with something on server side like sessions, cookies etc. - otherwise I'm open for your suggestions, solutions etc.
Thx in advance!
There's no reasonably easy way to do this. You can easily prevent other domains (in browsers) from accessing a an API on your domain (via CORS), but it's significantly harder to prevent scripts from doing this.
The issue lies in 'how do you detect legit browser traffic from a script'. It turns out that this is not easy. You could try to detect 'unusual behavior' as much as possible (for example a large amount of requests in a short time), but this doesn't stop clients that are slower.
Ultimately if people want your data, they will find some way around whatever restrictions you come up with. You should reevaluate this and use one of the following options:
Don't do an SPA and API. Although one could wonder, if the data exists in HTML it can still be crawled.
Add authentication. But obviously this won't help you in any way if anyone can authenticate.
Re-evaluate why you have this restriction. What are you worried about? If you're worried about people taking your data and using it elsewhere, how does only showing it in a browser from 1 domain help with that? If you're worried about copyright theft, why not use a legal approach to this?
I've seen a lot of these types of questions, but in my opinion I haven't yet seen one that has a legitimate good reason to want this. But, maybe you're the first.
I believe I answered my question myself on a comment 30 minutes ago... I think with captcha I'm able to secure the REST API against unwanted access to my REST API
I want to build simple web based app, where users, for example, could push the spacebar button, and then do something further, like answer a question, and while other users at the same time only sees that this question is not available any more for answer. When user submits answer, everyone see it.
All right, here is an example. I have seen TV shows, where four players have one button, if one or two of them know answer, they hit a button, and one lamp turns on and the first is allowed to answer, while other keeps their mouths shut. I want to build the same idea, but in the web.
But problem is that, I don't know where to start, what keywords I should search for help on google and so on. I see, that it might work on HTML5, maybe JavaScript and so on.
I have idea using Ajax, but request it every second to get latest actions made seems rubbish. Also I found one service called Pusher, but it has limited users in one time, which doesn't fit my needs.
I need just ideas. Thanks.
Before you read the rest, a disclaimer: I work for Realtime.co but I do believe I can help here so I'm not trying to "pitch a sale".
You can check out Realtime (www.realtime.co). It's basically a set of tools for developers to use real time technologies on their projects. It uses websockets but does fallback to whatever the user's browser supports (such as long polling, for example).
Behind Realtime you have a one-to-one/one-to-many/many-to-many messaging system that will transport your messages to and from your users.
There's also a plus which is the fact that the Realtime framework is actually cross-platform. This means that you can even have your web users communicate with iPhone users, Android, users, Windows Phone, desktop applications, server applications, etc..
You can learn about the JavaScript API here: http://docs.xrtml.org/getting_started/hello_message.html#javascript.
You only need to register at Realtime.co as a developer and start using the free license.
I really hope that helps.
Okey, I think I will go with node.js.
Writing all this previous post, made me think in right way :)
Does Safari Reader have an API which one can use to filter the text from a webpage (cleans adverts, unneeded parts of text etc.) for an iOS app?
If not, are there any alternatives?
just was doing some research for my app, heres what I've found. couldn't post all the links cause I'm new, but easily googleable
Read, Clear Read API: http://readapp.net/pub.html
Instapaper itself. Simple and Full API
Readability
RTCOOL
Feeds api
Boilerpipe
Goose
An overview of text extraction algorithms: http://www.readwriteweb.com/hack/2011/03/text-extraction.php
best of luck!
Nope. If you want access to the built-in one, you can file an enhancement request with the Apple bug reporter. There are also third-party services like Readability which, depending on the purpose of your app, you might be able to make use of.
Is it possible to get information about user's current mobile provider(not home carrier) - for example when he is using roaming?
I don't think so using public APIs at least. It seems too cut off from the rest of iOS to access. That being said, I haven't seen any documentation that confirms it one way or the other. The problem is that I don't know where to look for said information. That's your problem too :). Sorry I can't back it up with any tangible evidence, but it seems too separate based on my gut feeling.
Do they just scrape or are there APIs?
I think they just scrape, because I haven't seen or heard of any APIs. Check also https://stackoverflow.com/questions/2689711/itunes-app-store-api
I was looking for the same things and found http://code.google.com/p/android-market-api/ (this is not the official api, as it seems they arent' any). It would be nice if there was an official API in the same way itunes has made theirs available