The User-Agent string seems like such an old thing, I decided to use the Netscape icon here. Remember Netscape? I do. :D
Anyway, let’s get to the article…
I’m on macOS 11, arm64… Both Firefox and Safari seem to report this:
Intel Mac OS X 10.15
Wrong architecture, wrong OS, wrong version…
No wonder sites offer the wrong download (x86) on things…
But then I thought about it… Maybe this is on purpose to prevent fingerprinting?
So I looked into it
Turns out, it has nothing to do with fingerprint prevention, and has all to do with bad web developers.
Many web developers, use the User-Agent string to get information about the platform…
Desktop vs Mobile (Architecture)
…in some cases, to decide whether to serve you a desktop or mobile page (because not everyone has arrived at responsive designs yet…)
So, something like “arm64” or “Apple Silicon” could be interpreted as a mobile platform. And they’d serve you a mobile site.
The correct behavior would be to make the website responsive and simply work with both.
Supported OS
Many websites, determine whether they can offer you a download or support your platform by checking the User-Agent string. So, if they see “Mac OS X”, they know to offer you a download for Mac. If this was to be changed to “macOS” countless sites would simply stop working correctly.
Now, I understand, the simple end-user might not even know whether they’re on Mac or Windows (yes, really), so it can be a huge help if this is detected for you.
But the correct way to do it, is to put the big green download button with your detected platform at the top, and put links to downloads of the other platforms underneath. If the platform couldn’t be detected for some reason, just show multiple links/buttons. Do **NOT** redirect to some page saying the platform is not supported. That’s just bad UX. Maybe I just want to download something for another platform for offline install? IDK, don’t assume for me.
OS Version
Many websites also care for your OS version, for example to know if some software can run or which installer to serve…
Well, it seems many web developers just assumed that Macs will always be 10.x, so they do some parsing to get the minor version number…
If they’d suddenly get “11” or “11.0”, this parsing based on such a silly assumption would stop working, and things would simply break.
The correct way would be to simply get the entire version number, and use some version comparison function or library to do it properly. Don’t regex, assuming something. Remember how Microsoft couldn’t call it Windows 9 because countless devs just assumed anything with a 9 must be 95, 98, etc. and the installer would refuse to run on Windows 9? Great. So now you know why 9 was skipped.
Conclusion
Well, it seems plenty of web developers just do silly assumptions and try to derive a bunch of information from the User-Agent string, which they perhaps shouldn’t, or at least not with assumptions made that things will always be this way.
So, this is why Apple has “capped” the User-Agent string on Safari, and Mozilla did the same on Firefox.
Fucking web devs. XD
I’m kidding. I’m a backend web dev. But I don’t do such weird things! :D
But of course, the User-Agent string should probably be deprecated and then eventually made obsolete and removed.
Another problem of this is, web browsers actually support feature detection for devs to know what features are supported. Many devs don’t use this because they’re lazy. They just check if it’s Chrome, and if it isn’t, they will outright refuse to run saying “it’s not supported”, or “required feature not supported by your browser”, which may be true at the time, but then the browser adds that feature, and it still can’t run. An example of this was FIDO U2F… Which back in the day worked with Chrome, but not Firefox. So, many sites just didn’t offer U2F if you were on Firefox, even when Firefox later added that feature. Why? Because devs used the User-Agent string rather than proper feature detection through the official APIs.
Leave A Comment