Comment by paxys

> What even is a legitimate use case for an app starting a local web server?

There are apps on iOS that act as shared drives that you can attach via WebDAV. This requires listening on a port for inbound WebDAV (HTTP) requests.

A long time ago I used it to work around an iOS limitation that prevented apps from simultaneously streaming audio and caching it. You could give the media player a URL for a remote stream, but you couldn’t read the same stream. The alternative was to get the stream yourself and implement your own media player. I didn’t want to write my own media player, so I requested the stream myself in order to cache it, plus fed it back to the OS media player via localhost http. Total hack, but it worked great. I wonder if they ever took that code out. It’s got hundreds of millions of installs at this point.

Which begs the question why is this specific to Android? Why would Meta/Yandex not be doing this on iOS, or why did this study not report on iOS?

I expose a LAN accessible status board from an app via HTTP. The app runs completely offline, thus I can't rely on something hosted on the public internet.

My last electron app did effectively the same thing. I took the hosted version of my app and bundled in electron for offline usage with the bundled app being just a normal web application started by electron.