Browser Sniffing History in the Chrome UA String
Google Chrome has the following cruft in the HTTP
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.27 Safari/525.13.
It would be truly revolutionary if the string were just
Chrome/0.2.149.27. After all, RFC 2616 says: “Product tokens SHOULD be short and to the point.” Unfortunately, browser sniffing makes an ever-growing UA string the path of least resistance for browser vendors.
Let’s analyze what’s in the string.
- This means that browser has the kind of capabilities that Netscape 1.1 had compared to Mosaic and Lynx. Without this token, site admins might tell users to upgrade to Netscape.
- This means that the browser engine is from the post-Browser War Web Standards era as opposed to being from the Browser War era. Site admins can use this to tell users that they need to upgrade to Netscape 4.
- This means that general windowing system flavor the browser runs on is Windows (as opposed to something from Apple or X11). Without this token, site admins could tell users to upgrade to Windows.
- This means that the browser has at least the level of cryptographic capability that U.S. versions of browsers had in the late 1990s. Without this token, site admins would think that people try to use crypto that was “export” grade in the late 1990s.
- Windows NT 5.1;
- This indicates the operating system the browser is running on. Site admins can use this to suggest software downloads or to skip exploits that no longer work. Note how all that marketing “XP” stuff would break the numbering scheme.
- This indicates the user interface language of the browser (U.S. English in this case). Site authors may use this datum to choose between different content languages even though HTTP has a different header for that purpose.
- This indicates that the engine of the browser is WebKit as opposed to being Gecko. Site admins should not do user agent sniffing, but if they still do, this is what they should be sniffing.
- This is the WebKit version from which Chrome branched its copy. Site admins could use this to detect old versions with known bugs.
- (KHTML, like Gecko)
- This introduces the substring “Gecko” into the UA string while pointing out to human readers that WebKit was forked from KHTML. (Note that when the fork happened, Konqueror itself did not yet have the substring “KHTML” in its UA string, so “KHTML” is not here for sniffers.) Without this substring, site admins might put Chrome in the same bucket with IE and Netscape 4.
- Finally, we get to a string telling that the browser is actually Google Chrome. Site authors can sniff this and make a future version of Safari to claim to be Chrome.
- This is the Chrome version. Site admins could use this to detect old versions with known bugs.
- This means that the browser is like Safari as opposed to being like Firefox. This is for site admins who did not have enough clue to look for the “AppleWebKit” part.
- This just repeats the WebKit version in order to have some version but not the irrelevant Safari.app version.
Yay for UA sniffing.
Update: Looks like I am late.