Comment by infogulch
3 years ago
I'm all on board calling Google out for slowly implementing a user data protection racket, where Google owns all the data and everyone else is squeezed out and has to go through Google as The central data broker. At the same time this user agent reduction thing seems like a decent idea at first blush and good for users privacy.
TBH I'm surprised the User-Agent header has survived as long as it has. Referer, too.
Referer is not quite the same as how it was. In recent years, the default behavior in most cases is for the browser to either send just the origin, or no referer at all.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Re...
"Origin" means no path, so the referer might tell me which search engine the user used, but not what search query was done. It's much better than in the old days, where I might even see someone's session ID in the referer.
YouTube got around this in the earlier days since the referer header didn’t sent query strings. Maybe if referer hadn’t existed, YouTube urls would look like /watch/ViDeOID
That header and Referer were always a mistake. I don't think The Google's motivation is pure, but I agree in principle.
A lot of sites will break for people as a result, though. Maybe that's what The Google wants, though.
> Referer were always a mistake
Yeah, it's even spelled wrong!
My web development knowledge is very limited. But isn't this the main method where simple websites (most static generators) used to decide if the user is browsing from a mobile or not and serve a version based on that?
I would appreciate it if someone explain what other things people do to tackle this, or if I'm completely wrong?
Most responsive design is based on screen dimensions with CSS media queries these days, not on the actual class of device.
2 replies →
The modern solution is to use CSS with media queries. You tell the client how the site is supposed to look on various screen sizes. The client applies the rules without leaking any information about which rules it chose to apply.
That's mostly done client-side these days; having the server treat clients differently doesn't happen as much anymore.
I think media queries have been the way to do that for awhile. Or I think there's some javascript trick to do it.
The server now needs to respond with the Accept-CH header specifying it wants the client to send the mobile client header by including the "UA-Mobile" value. A compliant client will then send the Sec-CH-UA-Mobile header in its next request with either the value "?0" or "?1".
2 replies →
[dead]
I agree that user agent is not the best idea but it helps endlessly when you need to find out what browser a non techy person is using - just ask them to go to one of the endless sites that tells you what browser you're using based on the user agent string.
Without Referer how will jwz dot org troll HN users?!
If that were really their motive, a better strategy would be making user agent string customization a first-class feature.
No, because approximately nobody would customize it.
Then generalize it by default. I just can't buy that Google really has this motive when they simultaneously are introducing WEI.
2 replies →
They could also use the user agent: "", or omit the http header entirely.
You can already do that with extension, can't you?
An extension isn't first-class support, first-class means supported directly in the browser and easily discoverable.
Will that finally bring an end to having to use user-agent-switcher to get some sites to work on Firefox?