Reverse engineering - danopia/deviantart-difi GitHub Wiki
Virtually all of the classes and included calls were discovered by the following combination of methods:
- looking through the javascript files on deviantART, either using grep to find DiFi calls or by looking by hand.
- entering the following filters into Wireshark and surfing dA:
http.request.uri contains "/difi"data-text-lines contains "DiFi" and data-text-lines contains "status"
- using the Chrome Developer Menu (F12 → Network tab), and either entering
/difior filtering XHR requests
Certain methods described here can be reverse-engineered by the analyzing the source-code presented in various javascript files found throughout the DeviantArt website.
There are two versions of each javascript file:
-
filename_jc.js– are served by default, are minified versions of javascript files that lack comments and proper variable names -
filename.js– are the un-touched, un-modified javascript files that contain comments and proper variable names
DeviantArt by default servers the minified version to its users, with comments removed and variable names missing from the javascript files before sending each to the browser. While this practice increases performance for the final users, it decreases code readability at the same time, which makes reverse-engineering the code and DiFi calls much harder.
DeviantArt also keeps an untouched version of the same file, which contains proper variable names and comments. The second version is thus more suitable for reverse-engineering.
The javascript files that contain the _jc at the end of their names are the minified versions, and the files that do not contain this suffix are the original files.
Both versions of javascript files can be accessed via the following URLs:
https://s.deviantart.net/css/<filename>.jshttps://st.deviantart.net/css/<filename>.js
At the time of writing this document, the untouched files remain accessible to the public, but DeviantArt may remove the files or cut-off the access in the future. Therefore it is encouraged to archive the original .js files as much as possible, using the web.archive.org service.