YouTube
The YouTube application available from the eShop is a web-browser. Like the main browser this uses WebKit. All data is downloaded with plaintext HTTP (3DS application).
The OSS for the 3DS / Wii U YouTube application is available at the following:
User-Agent and Browser Versions
The user-agent format is almost identical to the main browser: "Mozilla/5.0 (Nintendo 3DS; U; ; Factory Media Production) Version/<version>.<region>". <lang> is "en", "fr", etc. <region> is "US", "EU", etc. See below for <version>.
Browser version | USA/EUR CDN Title-version | Release date | Notes |
---|---|---|---|
1.7498 | v16 and v0 | Initial app version. | |
1.7498 | v1056 and v1040 | First app update. This build uses the v7.0 NCCH encryption for the main CXI, this was the first retail title to use this. | |
1.7498 | v2096 and v2080 | October 15, 2015 | This update fixed the vuln used for tubehax.
See here for the WebKit changes. The only actual code changes (in this commit) besides an optimization changeset being integrated, is changes for fixing the vuln used by tubehax. Originally the YouTube app used the DNS server from the system configuration. Now it's hard-coded to use Google's DNS server at IP address 8.8.8.8 via DNS-resolver socket code in the app itself (it's unknown whether this resolver code existed in the app before this version). |
Updates for this application are forced, since the app itself checks for a newer version of the title (this is done before any actual HTTP requests by the actual application are done). This is done with Friend Services: the application tries to authenticate itself with FRDU. When the installed version is outdated, it gets an error-code in the output buffer for FRDU:GetGameAuthenticationData (this error-code then gets passed to the error-display applet). This is exactly what official games do when initializing online multiplayer too.
The friend HTTP requests which are involved with the above use HTTPS, so blocking it isn't an option (the usual POST request(s) to https://nasc.nintendowifi.net/ac): blocking it via DNS only results in a different error-code.
RomFS
The RomFS only contains CROs ("/cro/") and the CRR ("/.crr/static.crr"), the following is the "/cro/" contents:
- JavaScriptCore_CTR.cro
- WebCore_CTR.cro
- WebkitMediaPlayer_CTR.cro
- WebKit_CTR.cro
- static.crs
Webkit
Looks like the YouTube application uses a newer version of Webkit than the Internet Browser applet. It has the ability to construct Blobs, of course the HTML5 video element, and possibly the Audio element (Visible, but untested). It also supports the localStorage API. Here a list of exposed apis: [3].
embedded.ctr
Inside the YouTube app, there is a pseudo-webserver running that links to a structure inside ExeFS. This structure provides a list of urls under the domain "http://embeded.ctr/".