What is the advantage of having a domain name (spotilocal) that resolves to 127.0.0.1?
Not sure if this is best suited to Programmers, Server Fault or Stack Overflow. It's not, however, a question about developing for Facebook.
Facebook recently announced tighter integration with Spotify. Play/pause buttons that control the Spotify desktop software have been added to Facebook, and the most recent version of the Spotify client runs a local web server. Facebook makes calls to, for ex开发者_如何学编程ample:
http://1234.spotilocal.com:4380/remote/status.json
http://1234.spotilocal.com:4380/remote/play.json
http://1234.spotilocal.com:4380/remote/pause.json
...where *.spotilocal.com
resolves to 127.0.0.1
.
What is the advantage of having a domain name that resolves to localhost? Is it so that Spotify can quickly make a code change on that domain name if something should break, and so don't have to rely on Facebook?
It seems Facebook could just as easily point to:
http://127.0.0.1:4380/remote/status.json
the biggest reason for us when designing it was so that it would work with https without a mixed-content warning. Getting a cert for a real domain is a lot easier than getting one for 127.0.0.1.
One of the advantages of using a custom domain is that it looks a lot more trustworthy. I've seen a good chunk of Windows malware that sets up a local proxy server; any web requests that go to 127.0.0.1 (and not on a test web server the user knows about) would look pretty suspicious, which I'm sure both Facebook and Spotify would like to avoid.
It is both more user-friendly and indeed can resolve to different IPs depending on the settings of your windows 'hosts' file(which I'd imagine they're making use of). The port number is also important, as the service would reserve that port for its own use. Users don't like seeing IPs as much as they like seeing URLs because they're familiar with them, and those that aren't too computer literate may get concerned that something isn't right. They feel safer seeing the 'spotilocal' url.
The answer is simple : infinite subdomain and thus bypass the number of concurrent connections allowed by the browser
I suppose if they're running a local web server they could also do some routing on the domain name - they could have auth.spotilocal.com, remote.spotilocal.com, images.spotilocal.com etc and have the code dispatch to various things based on the incoming url.
I'm not sure there's any particular merit in that over the URL format you've described but it is another option you don't have if you just go direct to an IP address.
When you visit spotify.com, the site requests spotilocal and receives a token (I think it's from the spotifywebhelper process running in the background). So basically it's for tracking you.
Try it, if the spotify app is running (and you logged in), you can login on spotify.com automatically, even in private mode.
精彩评论