So the 'Rave' app let's you watch Netflix, (YouTube, .. and other streaming services) with friends. It's easy to recognize that they use Android WebView to display the source website first. They then listen to URL changes, so they can detect that user's selected video, and then play that on their own Video Player (which probably is a webview too).
Now the question is, how on earth do they manage to play Netflix on their webview player? Netflix's DRM policy requires you to have the native android app or a browser on your computer.
Since Rave are managing authentication using the WebView, they must have found a way to circumvent the barriers Netflix has placed?
This has been a really interesting case study for me. It would be great to understand the legal implications of this too.
I did a lot of digging and tried to contact the developers of the said app. They didn't respond. However upon learning how any app implements DRM on Android, the answer was obvious.
They use ExoPlayer to stream Netflix shows on their app. I confirmed this by intercepting the traffic between their app and server in my own network.
The app (exo player) was regularly exchanging certificates with the official Netflix license server, as is required by WideVine.
TLDR;
Hence the obvious answer to this is that the company behind rave has obtained the rights to stream directly from Netflix's servers, as one cannot communicate with the Netflix license server without prior permission.
This can be confirmed on the LinkedIn profile of the lead developer as he vaguely mentions that he collaborated with Netflix while working on this.
Pretty disappointed
Related
Problem:
Youtube Music sucks for playing back music you have uploaded for years. The app sucks, and the Android Auto app sucks. I've contacted the YT Music team many times, but they don't seem to listen to music ever so they don't even understand the problem(s).
Solution:
Create my own app to play back my own music that lives in Google/Youtube Music. I'm an Android app developer so might as well fix this my own way.
Are there APIs for Youtube Music? I know there's an unofficial Youtube Music API, but that's phython, it doesn't build at the moment (Feb 2022), and it seems to focus on paid music, not my own uploaded library.
Would Google drive APIs do this? If so, is there documentation on how to use it? I can figure out the OAuth part, but I don't know where to get the data for the parameters in this sample api
Is there a better way for this? I just need to download the music files, and then create a player around them.
Thank you!
I was looking for something similar but the closest I got was ytmusicapi in python. It works for me and I installed it via pip install ytmusicapi. Its source is hosted on https://github.com/sigma67/ytmusicapi there, perhaps, you can see the YTM protocol. Authentication works by simply copying cookies from your browser after authenticating with YTM manually. That worked for me as well.
Another option is Kodi and a plugin they have: https://forum.kodi.tv/showthread.php?tid=360827 (but that did not seem to work for me after 3 minutes I spent on it).
If you are serious about it and you can't get YTM protocol via the source of ytmusicapi, then you can perhaps reverse-engineer the protocol using your browser. Firefox's Tools->Browser Tools->Web Developer Tools is your best friend. After you authenticate to YTM, open the "tools", click on "Library" on YTM webpage, then in "tools" tab, go to Network and look for a POST similar to https://music.youtube.com/youtubei/v1/browse?key=... right click on it and Copy->Copy as Curl. You will be able to see what auth-headers it sends and also what's the protocol for showing up your YTM Library.
I am building an Android & iOS App that has a video player, I am using one video hosting site(Wistia) for my videos. All videos are domain restricted, which means those will be played on a listed domain. The videos are getting properly played inside the web app(As we have allowed the video to be played for that domain) but I am not able to play those in my Android/iOS app.
Note: When I remove domain restriction from the video, then I am able to play the video in my app.
Can someone help me to find the domain of my Android app? Where should I define it in the code?
Below is the Wistia embedded code:
<script src="https://fast.wistia.com/embed/medias/j4q2kxdfd4.jsonp" async></script><script src="https://fast.wistia.com/assets/external/E-v1.js" async></script><span class="wistia_embed wistia_async_j4q2kxdfd4 popover=true popoverAnimateThumbnail=true" style="display:inline-block;height:84px;position:relative;width:150px"> </span>
Thank you.
Wistia is targeted at websites - they did have an iOS mobile app in the past but this was aimed more at contact owners, I believe, and is not supported anymore, either way.
They highlight this in their documentation (at time of writing):
Mobile OS Support
Most mobile devices only support HTML5 playback, which is Wistia’s default for mobile. This includes Android phones and tablets (4.1 and up), and iOS devices like iPhones and iPads.
To include Wistia in an app, the most recent way I have seen recommended by Wistia is to use a WebView and the standard embed code. This will allow you use the usual domain restrictions you have set.
The domain checking feature is most likely using the 'origin' or the 'referrer' field in the HTTPS request to determine the site the embed code is being used in. It is possible it is using a more complex mechanism than this but I think you will have to contact Wistia directly if and ask for support of that is the case.
Assuming it is this mechanism, you can look at the request headers in a browser inspector. For example, taking a site that uses Wistia and looks at the requests you will see something like this:
I've hidden the exact site name but both the origin and the referrer are the same top level domain name for the site hosting the videos.
The website on a mobile app will work the same way but if you are using a WebView in an Android app you will need to set the fields yourself, You may need to experiment as there seems to be different approaches but this is a good starting point: https://stackoverflow.com/a/5342527/334402
If you set these headers to a domain that is included in your set of allowed domains and the video still will not play then I think you will need to contact Wistia support directly.
This is a short question:
I'm using "YouTube Data API", and I've noticed that if the YouTube app isn't installed, all demos of the sample just show a dialog telling the user to install the app.
I'd like to have a different fallback, so that the video will still play.
I assume I can use WebView, but is there a better way? Maybe a VideoView ?
What's the best alternative, without any libraries (using just the framework) for when YouTube app isn't installed?
I'm working on a mobile application that detects song plays from various media players, both on iPhone and Android. We currently support a number of applications in both platforms. Our application works in a similar way to how Last.FM detects and automatically scrobbles plays.
However, we have not been able to get a working solution for detecting Spotify song plays that does not need to use either Last.FM scrobbling (available in Spotify for Android only) or Facebook as a proxy.
I've tried a few things for android but as I understand it (I see lots of posts e.g. Find what song is playing in spotify on android), the Android Application does not broadcasts media related intents for song plays, so we need something more creative. In any case this does not solve our problem for the iPhone use case.
Lib-spotify held some promise for us, and I've manged to build an application that can create a session and navigate some playlists, but I have not figured out if I can load what would appear as "play history" in the Desktop Application via lib-spotify (e.g. is this a special form of playlist?). I have also tried a Spotify App to accomplish the same but the API appears to not to expose required functionality.
It seems like I've exhausted all avenues on this one, but does anybody have any suggestions for something I haven't tried?
Assume that I have spotify credentials for each user whose history I would like to gather.
Thanks
Spotify has a metadatachanged intent-action that contains artist, album, track, length, and id values.
See: https://stackoverflow.com/a/22195867/1345586
Unfortunately, the desktop play history is local to each machine, meaning it can't be accessed through libspotify or any other API.
At the moment, there isn't a way to reliably achieve what you're wanting to do on mobile platforms.
The new Google Play Developer Program Policies state that it is no longer allowed to publish web browsers that are based on WebView:
Do not post an app where the primary functionality is to:
Provide a webview of a website not owned or administered by you
(unless you have permission from the website owner/administrator to do
so)
I was thinking of developing a WebView-based web browser but now I see that this is no longer allowed.
Frankly, I find it insane to ask every website in existence for permission to display its content via a WebView based browser.
What are my options? Is there an alternative web kit that is as powerful as WebView?
It doesn't say you're not allowed to make a browser.
It says, that you're not allowed to make an app which merely is a WebView showing a website you do not own, and don't have permission from the owners to make.
That is, I am not allowed to make a GMail app, which merely is a WebView showing the GMail mobile website.
One reason could be, that such an app provides nothing that a bookmark wouldn't. Another reason could be, that such an app may seem to the end user to be affiliated with the website it's embedding. If the app then added adverts, crashed or provided some kind of negative user experience, this could reflect poorly on the website being embedded.
You totally missed the point, if you are making app that displays some site that you don't own then some users of that site will use your app instead of simple browsing to get information from that site.
Let's say that site has 3 pages
-> 2. -> 3.
If you are showing page #3 from your app then users will not see ads from page 1. and 2. Which means that you are stealing that site's money.
And that's why you need permission from site owner.