Filtered Network tab to XHR, and looked at the GET requests and Ha! Okay, well cool, but still I cannot pinpoint who this person is, nor reply back.Since we got this far, probably we can go even farther.
I am not a fan of online dating, nor do I have any online dating apps installed on my devices.Tonight while working on my startup Developer — A service to create your own beautiful product documentation, API reference, user guides in hosted developer hubs (portals) — I got a message from someone with 100% compatibility as the dating website claims, so I was highly intrigued to know who she was.The dating website does not even allow you to read the message.Damn, “famous” also does not exist in the websocket. Looking at the JSON payload, it seems that there is a message object, and then the pre-defined message has an ID and we’re sending that.Looping over the messages trying to understand the XML being sent (who the hell uses XML these days for websocket communication? I decided to try to set the message key to the value “Hey there! Can not instantiate value of type [simple type, class api.message. '); no single-String constructor/factory method at [Source: org.glassfish.jersey.message.internal. I am sending the pre-defined message ID, so the ID must exist somewhere.
At this point — I started writing this Medium post because I realised that their security does not seem to be marvellous.