Prey is now ‘HTTP semantic’

Yes, the world as we know it has changed. Standalone Prey users, hear this: starting with Prey version 0.3.3Prey will no longer be activated on a 200 OK response by default, but rather on a 404 Not Found response.

This may look like a radical decision (and maybe it is), but there’s a couple of good reasons why we did this:

Semanticality

The word exists, right? Hehe.

Well, the point is actually quite simple. It doesn’t make much sense that a “200 OK” response should mean that the computer has disappeared. Rather, it does make much more sense getting it from a “404 Not Found” response. This may sound kind of unimportant and geeky, but making Prey more “semantic-ish” makes it much easier to understand from the developer’s perspective, and more consistent by using a standard and worldwide-known protocol like the HTTP codes.

The good thing about this is that by synchronizing Prey status codes with HTTP codes will allow us to make better use of them, being that there are lots of standard HTTP codes that seem to be of really good use for us, such as 302 Found, 403 Forbidden, 409 Conflict, and so on.

Scalability

This is perhaps the most important reason of all. As the number of Control Panel users continues to grow, so does our need to handle the server load better. Having a “404 Not Found” message previously meant we allowed the request to get through to the application, and thus, having the application handle the request rather that the web server. We actually managed to cache almost 100% of the requests from Prey, but this small change makes it much simpler for us, in hopes to make maintenance and updating in the future easier.

Memorability

That’s right. Until now, if you were using Prey in standalone mode it was up to you to remember the correct URL you’d be using later to activate Prey. So basically doing it the other way around makes it easier to handle, since the file/URL is already there and you just need to find it and delete it.

And boom, that’s it.

Now, the good thing about this is that Control Panel users don’t have to worry about anything, since the handling of the HTTP codes has been taken care of. So basically each version of Prey will get its correct response from the Control Panel, in order for the software to behave as it should.

Standalone users, on the other end, will need to generate the check URL they had previously defined in order to wake up Prey only when requested. We’ve also added the possibilty to change the missing_status_code in Prey’s config file from 404 back to 200 so you can revert things back to the way they were. Although we must say it’s probably not a good idea, since you’ll have to mingle with the config file each time you update the software.

Any thoughts or opinions? Feel free to tell us in our mailing list.