Is it inadvisable to use http traffic analysis to build a meta web service / pseudo-api?

Question

I've been looking at http traffic analyzers which are browser addons that monitor and analyze all incoming and outgoing HTTP traffic between the browser and whatever web server you're connecting to.

The types of information available per request include:

* Request and response headers
* Sent and received cookies
* Querystring parameters
* POST parameters
* Response body

My question is whether it makes sense to use this to build a web service.

What I am interested in is using Windows SkyDrive - which offers 25GB of storage per user account - as a storage solution for my web app.

So what I am considering is using HTTP traffic analysis to figure out how to get my web app to mimic a browser interacting with my SkyDrive account.

Is this a bad solution? I have a feeling one of two things could happen quickly:

1. Microsoft figures out that these are automated requests and shuts down my SkyDrive account and deletes the data.

2. Microsoft changes the authentication front-end regularly, requiring me to repeatedly reprogram the portion of my service that interacts with SkyDrive.

Has anyone tried something like this and encountered difficulties? I would like to hear some feedback on whether this is likely to be worth the effort or not.

Answer 1

What you want to do is probably possible, technology wise. But is it allowed under the terms of service of SkyDrive? and what is the worst case scenario if they do change their protocols? Will you be trying to run a business off this data? Have you considered using something like Amazon's Simple Storage Service, which is designed to accommodate exactly what you want to do? Why waste your time reverse engineering the skydrive protocol?