
How to rickroll Spotify for Android - kjempelodott
https://github.com/kjempelodott/rickify
======
duiker101
Apart from being a very funny, this is a very nice MiTM "Hello World". A real-
world application of something that is not very easy and straight forward. I
remember trying to learn this stuff a few years ago and could never find a
simple way of doing it.

Really great stuff.

------
CraftThatBlock
This raises the question of: why is Spotify on HTTP for the first seconds?
Would it be to bypass the TLS handshake, hence a faster "start" time? Wouldn't
a constant connection (à la WebSocket with TLS) fix this?

~~~
deeth_starr
I'm not sure if Spotify does this, my experience is mostly in video, but if
some or all content is going to be encrypted, you start with a small
http/unencrypted section and then get the license to play the encrypted part.
This is because you can put the unencrypted section on a edge CDN but getting
a license is going to have to go through a server that could have some
significant time (say up to a couple of seconds depending). This makes it so
you start right away (better UX).

I do have some experience in music, and this is likely for uncompressed or
hidef playback. Some labels force encryption for hidef (but in general most of
the music services stream straight progressive unencrypted even though their
contracts require encryption in all cases).

Edit: but doing this is really tough. You're going to need to stitch together
those two stream without a gap. This takes a lot of engineering. I've done
this in flash and pure js. So this is not an arbitrary decision.

~~~
jessedhillon
Couldn't the preview always end after N seconds, and the licensed stream
always begin at the very next frame? Then it's just a matter of appending the
licensed stream to the playback buffer after exhausting the preview stream.

~~~
deeth_starr
Exactly. This is how you do it. But you'd be surprised how complicated this
is.

------
pawelduda
Tried this both on Android and iOS and can confirm that it works :)

------
jerianasmith
I too feel that it's better to try alternate methods once the music starts
playing

------
organian
Can also be used to intercept Instagram images:
[http://imgur.com/3cYnSzl](http://imgur.com/3cYnSzl)

------
matiasb
Nice!

