
Louis J. Lombardo

Movies, APIs, and Vulnerabilities, oh my!

2020-10-17

The other day I realized I wanted a way to see all the popular movies and TV shows that were available to watch by service, genre, etc. My first thought: IMDB does that! There's a filter for streaming subscriptions right there!

IMDB Top Picks

Jumping into the detail view gives me even more filters

IMDB Top Picks - Filters

Awesome! We're done ... right? Well, not quite. At first glance everything seems fine, but looking at the details view for The Simpsons reveals the issue.

IMDB Top Picks - Filters

The Simpsons streams on Disney Plus but there's no option to watch there. IMDB doesn't let you filter using Disney Plus either. More importantly, the same is also true for Netflix.

IMDB Top Picks - Filters

Lazyday

So then I tried out Lazyday, which to its credit was better but still lacking. It did a good job of tagging movies so I could find relevant titles, it had a watchlist I enjoyed using, it showed Metacritic and Rotten Tomatoes results for each movie, it pulled up a trailer, and it had links to everything.

Lazyday URL

Also, the popularity tab seems to be based on its users (which there must not be many of) because I always found what I had just been looking at there. So I decided to try to use Lazyday's API to build something for myself.

Lazyday URL

Popping open the inspector and looking at the network requests, it looked like the entire site was server-side rendered. So unless I wanted to manually scrape the site, I needed to try something else.

Lazyday URL

Maybe messing with this URL could do something interesting?

Lazyday URL

Interesting but not very helpful.

Breaking Down an App

Feeling discouraged, I started more research into any APIs I could use to do this. I found the Open Movie Database, Just Watch, and a few others. Unfortunately they were all lacking, super expensive, or no longer maintained. I then remembered an app I had on my phone.

I used to love this app but unfortunately the developer never updated it to work with more than Netflix, Amazon, Hulu, and iTunes. I went back and looked at the recent reviews to find that it's moved to a subscription-based model (it appears I was grandfathered in) for 10 dollars a year!

All I needed was to set up an HTTP proxy from my phone to find the API from this app. You can read about how to do this with Postman in this blog post. If you want to go a bit deeper you can check out this video from Ben Awad where he figured out TikTok's API by monitoring the requests from the app.

Still going strong I looked at the requests my phone was making while the app was loading and getting the "Where to Watch" results. Following the URL back to the site I found this

Movie App API

Poking around a bit I found some HTML files. To my surprise these files loaded without issues. This was the interesting one though

Movie App API

When I first tried this I didn't expect much. A 401 error or just a silent failure would have made sense. Surprisingly, the form worked, and not just for one endpoint but for all of them.

Movie App API

How did this work? I didn't log in, I didn't send an API key with my request. I already knew this API wasn't open, I had tried a few requests in Postman. What was different here? Something to do with CORS?

I went back to the form and found the disgusting truth. Plain as day they had embedded their API token in the form. Seemingly for the sake of convenience. Just to make sure I wasn't missing something I copied the request from Chrome as a curl request. Same result. Checking the other API versions I found they all had the same HTML files for testing and they all had the same token embedded in them.

In case it wasn't obvious, THIS IS BAD. DON'T DO THIS.
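A pre-deploy check for the mistake described above, as an added example that is not from the original post or the app's code: it parses static HTML and flags credentials pre-filled in form fields, URL attributes or inline scripts, reporting only the name and line, never the value. The field names, the `SAMPLE` page and its placeholder values are constructed assumptions, since the post does not show how the token was embedded.

```python
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlsplit

# Names that suggest a credential (assumed list; extend for your API).
SECRET_NAME = re.compile(r"api[_-]?key|token|secret|auth|passw", re.I)
# Inline-script assignments such as  apiToken: "..."  or  key = '...'
SCRIPT_ASSIGN = re.compile(r"""([A-Za-z_][\w.]*)\s*[:=]\s*["'][^"']{8,}["']""")

# Constructed sample: a leftover API test page with a pre-filled credential.
SAMPLE = """<form action="/v2/search?api_key=EXAMPLE-NOT-A-REAL-KEY" method="get">
  <input type="text" name="query" value="simpsons">
  <input type="hidden" name="auth_token" value="EXAMPLE-NOT-A-REAL-TOKEN">
</form>
<script>var config = { apiToken: "EXAMPLE-NOT-A-REAL-TOKEN" };</script>"""

class EmbeddedSecretFinder(HTMLParser):
    """Collects (kind, name, line) for credentials hard-coded in static HTML."""
    def __init__(self):
        super().__init__()
        self.findings, self._in_script = [], False

    def handle_starttag(self, tag, attrs):
        a, line = {k: v or "" for k, v in attrs}, self.getpos()[0]
        self._in_script = tag == "script"
        # Pre-filled form field: <input name="auth_token" value="...">
        if tag == "input" and SECRET_NAME.search(a.get("name", "")) and a.get("value"):
            self.findings.append(("input", a["name"], line))
        # Credential baked into a URL attribute: action, href or src
        for attr in ("action", "href", "src"):
            for key, val in parse_qsl(urlsplit(a.get(attr, "")).query):
                if SECRET_NAME.search(key) and val:
                    self.findings.append((attr, key, line))

    def handle_endtag(self, tag):
        self._in_script = False

    def handle_data(self, data):
        # Only inspect inline <script> bodies, not visible page text.
        for m in SCRIPT_ASSIGN.finditer(data if self._in_script else ""):
            if SECRET_NAME.search(m.group(1)):
                line = self.getpos()[0] + data.count("\n", 0, m.start())
                self.findings.append(("script", m.group(1), line))

def scan_html(text):
    finder = EmbeddedSecretFinder()
    finder.feed(text)
    finder.close()
    return finder.findings
```

Run `scan_html` over every HTML file in the web root as a CI step and fail the build on any finding; a token that has already shipped this way also needs to be rotated, not just removed from the page.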

So?

So what could I do with this? Well, I could use this API as much as I wanted, probably without any issues. As a small side project it wouldn't make that much noise and I could go undetected for some time.

I could try to get more information about this API and maybe even build my own client. The API returns all the data I want even if the current client doesn't display it.

Or I could do what I did do. Reach out to the developer and let them know something is wrong.

What Started All This?

One positive of all this is that I was able to find the API used by the app, The Movie DB.

I also realized what I really want. A GraphQL API that attaches extra metadata to these results. Some fun things I could throw into the mix:

  • Does the Dog Die?
  • Common Sense Media
  • Wikipedia

The Open Movie Database can cover a few things too:

  • Metacritic reviews
  • Rotten Tomatoes reviews
  • IMDB reviews
  • Posters

Some day I might build a movies app that does all this. I might also just decide what to watch by rolling a die.