[HN Gopher] History of the browser user-agent string
___________________________________________________________________
History of the browser user-agent string
Author : choult
Score : 77 points
Date : 2022-05-03 09:47 UTC (1 days ago)
(HTM) web link (webaim.org)
(TXT) w3m dump (webaim.org)
| burnt_toast wrote:
| Articles like these are my favorite. Some of the design decisions
| about the web feel so absurd until you follow the trail. It's
| like a slow descent into madness.
| wolpoli wrote:
| The story needs to continue with Microsoft releasing Edge and
| adding the "Edge" identifier to the user agent string, then in
| Chromium Edge, changing the identifier to "Edg" because they need
| to ensure servers do not confuse the new Edge and the old Edge.
| stringoftheseus wrote:
| One of these years I may have to do a second edition. I thought
| at the time that Chrome's user agent string was peak insanity,
| but I really should have known better. As you pointed out,
| things have only gotten worse since.
| 1vuio0pswjnm7 wrote:
| I use a text-only browser to read HTML and make HTTP requests
| with TCP clients instead of the browser. For many years I have
| sent no UA header. The results have been great. Assuming a
| website has many versions for different form factors, there still
| has to be a "default". Many times it appears to be mobile. But
| there is more to the UA header than a means for selecting an
| appropriate design for a given form factor. If it were as simple
| as that, then there would not be so many UA string shenanigans.
| Websites use the UA header for myriad "illicit" purposes.
| Fingerprinting users is one obvious example. By not including the
| UA header, we as users can deny its usage. It does not stop
| fingerprinting but it removes the contents of the UA header as a
| data point.
|
| There are very few websites I have found that require a UA
| header. Squarespace hosted sites are one example. Another is
| sec.gov. (Usually, they do not care what the string is, they just
| want something.) I have the local forward proxy configured to add
| a UA header for these few sites. Recently I had to add wsj.com to
| the list. It really makes one wonder why the heck these sites
| need a UA string. There are incorporated for-profit entities
| whose core speciality is UA sniffing for tracking users,
| advertising and who knows what else. Perhaps WSJ wants our
| fingerprint. As others will point out, Google is trying to
| eliminate use of the UA header. One wonders what these folks who
| think UA is significant and reliable are going to do then.
|
| There was one example I once found of a web site that required a
| certain UA string as a sort of shibboleth. This was unique
| because _they told users what was the required string._ Thus,
| unless a user could set their UA string to the value the site
| indicated was required, they could not access the site 's
| content. To me, that is what the UA string is, an HTTP header
| that anyone can change to anything they want.
|
| I am more than happy to provide whatever UA string a site
| operator wants. All they have to do is tell me. Otherwise I am
| not sending a UA header. :)
| dj_gitmo wrote:
| At this point what is stopping browsers from removing all this
| cruft?
| goto11 wrote:
| Backwards compatibility, as always.
| TAKEMYMONEY wrote:
| Some are actively reducing it:
| https://developer.chrome.com/docs/privacy-sandbox/user-agent...
| mxuribe wrote:
| I agree! At the very least, maybe web desoign and development
| based on/dependent upon user strings dies off...or if they're
| going to keep the cruft at least make it a little tidier and/or
| contain more truthiness[0]!!
|
| [0] = https://en.wikipedia.org/wiki/Truthiness
| joshstrange wrote:
| There was a post here on HN the other day that also talked about
| the User-Agent that I started reading and now I can't find it
| again. Originally I thought it was going to be this page (as I've
| seen it before and quite enjoy it) but I'd like to finish that
| blog post. I don't suppose anyone else knows what I'm talking
| about? My searching is coming up with nothing.
| avian wrote:
| Probably this one?
|
| https://news.ycombinator.com/item?id=31245118
| joshstrange wrote:
| Thank you! I searched for every combo of "user", "agent",
| "browser", etc. I would never have remembered it was "UA" in
| the title. Thank you very much!
| mattl wrote:
| " In the beginning there was NCSA Mosaic, and Mosaic called
| itself NCSA_Mosaic/2.0 (Windows 3.1)"
|
| Mosaic was for UNIX at first and wasn't the first browser, so
| what on earth is this?
| [deleted]
| stringoftheseus wrote:
| It's been a while, but I think I didn't bother going any
| further back because Mosaic was the last time the user agent
| string that made sense. After that we got "Mozilla" and things
| started going crazy.
|
| Hopefully the humorous tone dissuades anyone from thinking it
| was meant to be a serious and comprehensive treatment of the
| subject.
| adamomada wrote:
| Perhaps it was the first browser to send a user-agent string?
| It's not labelled a history of browsers.
| ftkftk wrote:
| User-agent strings finally make sense now. I thoroughly enjoyed
| this article.
| kuharich wrote:
| Past comments: https://news.ycombinator.com/item?id=298844
___________________________________________________________________
(page generated 2022-05-04 23:01 UTC)