cryptography – Fail to understand how hash length extension might work in real application

I’m trying to understand how hash length extension might work on real web applications using a hash as a MAC.
What I especially don’t get is how the application considers the evil forged hash valid.

Let’s say we have an app which sends this, and I want to tamper with the data:

POST /stuff?mac=d147c7b4a79f920a1efefddc30da181f036073cd


We can agree that the app behind the scenes does something like this:

// Compare the submitted MAC with the value kept in server-side state
if ($_GET['mac'] == $_SESSION['previouslyCalculatedHash/Viewstate']) {
    echo 'OK';
}

Except if I do that, length extension does not allow me to tamper with the data: as shown below, it does not give me the same hash, which makes sense, and so I don’t see what we can do with this attack on real applications which might check for string equality with a previously calculated hash saved in application state.

❯ echo -n 'SECRETdata' | sha1sum                                                   
d147c7b4a79f920a1efefddc30da181f036073cd  -

❯ hashpump -s d147c7b4a79f920a1efefddc30da181f036073cd --data 'data' -a 'evil' -k 6

❯ echo -n 'SECRETdataevil' | sha1sum                                            
482ac2a591135150b444bd18e4e045f5fd3881a6 -

So, I would like to know a real example where the length extension might allow a bypass on a web application.