The post popular answer includes: History of the browser user-agent string related discussions:
2022 (87 points, 20 comments) https://news.ycombinator.com/item?id=31246438
2019 (62 points, 22 comments) https://news.ycombinator.com/item?id=21085388
2018 (558 points, 168 comments) https://news.ycombinator.com/item?id=16525559
2013 (100 points, 32 comments) https://news.ycombinator.com/item?id=6674812
Statute doesn’t reference consumers, and does list deception as being prohibited. So it’s at least debatable.
Also, I doubt tricking servers would indicate creating consumer confusion with the trademark.
ISTR that Netscape used to have in it's README or INSTALL (or maybe an "about"-like menu entry) a note that the name of the browser is pronounced Mozilla while only being spelled N-E-T-S-C-A-P-E.
I have been omitting it for decades with great results.
> Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36
It is Mozilla (nope), Linux (yes, in a sense), Android (yes) AppleWebKit (not Apple and not WebKit), KHTML (nope), Gecko (nope), Chrome (yes), Mobile (yes), Safari (nope).
So maybe they owe something to Mozilla, Apple and KDE.
[1]: https://www.pcworld.com/article/435584/why-windows-10-isnt-n...
(realistically though, the '9x' problem does make a lot of sense)
Now Apple has the year in the OS version we'll have people wondering in a few years what happened to iOS 19-25.
We sold software that was installed long-term at customer sites, and they weren’t going to update it until they needed to, so the bug persisted in production well after we fixed it.
The idea that "sensibly designed software wouldn't have this issue, so it must not exist" is absolutely at odds with virtually everything I've seen in my career.
Its basically standard in software to do this when the actual name for something comes out near the end or changes often so you don’t have to update all the code to reference the new name.
This is what they were doing at the time anyway.
Windows 7 was 6.1, Windows 8 was 6.2, Windows 8.1 was 6.3.
Those were very poorly written apps. They very well could simply have been using APIs that returned the consumer oriented names.
These are custom apps running on a specific set of computers in places like banks, stores, government offices around the world, etc.
Opera/9.80 (X11; Linux zvav; U; en) Presto/2.12.423 Version/12.16
It did keep the version at 9.80, presumably because >=10 must have caused problems somewhere.
Blanking out the user agent would have to be pushed by either Apple, Google, or Microsoft. And out of those I feel like only Apple would do it. iCloud private relay doesn’t end up breaking websites since companies care about not degrading the experience for Apple users and make sure the site still works.
Even tor-browser doesn't dare to modify the user agent string in any major way. It's almost impossible to lie about because trackers don't actually care about your user agent. They're identifying your device/OS through side channels (canvas, webgl, fonts, etc).
It's the current heavyweights who could change it for the better: Google and Apple. If either introduced a major change in how they present the user agent, websites would be very quick to adapt (if they need to in the first place...), or else. Otherwise, no change will happen - and I think this will be the case, same as with the HTTP "Referer" (misspell of "referrer").
Fun fact, non-browsers actually have much nicer user strings. I run an internet radio, and there is a lot of clients like
Linux UPnP/1.0 Sonos/85.0-64200 (ZPS1) Nullsoft Winamp3 version 3.0 (compatible)
Echo/1.0(APNG)
NSPlayer/8.0.0.3801
mpg123/1.20.1
No. They don't use it to blend in. If they wanted to blend in they would be modifying every platform's user agent string to look like Windows x86_64 or something. They don't do that because there's no way they could possibly get away with it.
Instead, they're resigned to simply censoring the minor version number of the browser to reduce entropy.
> Fun fact, non-browsers actually have much nicer user strings. I run an internet radio, and there is a lot of clients like
And those tools will get blocked by various CDNs for not having a browser user agent string, not having a browser-like TLS handshake, etc. This is why projects like curl-impersonate and golang's utls had to be created.
Yes indeed. They use it to blend in. What they want is to not stick out, so, they act like the rest of the browsers do.
Just like the tools you mention, curl-impersonate and others.
Bravery, daring, could only be done my market leaders here. Google and Safari. The rest of the guys just follow suit.
why haven't we deprecated this junk
Because the reason it is the way it is in the first place is compatibility with sites that are doing things objectively wrong already, which makes it really hard to get them to change.
The problem is that poorly designed systems limit access or disable features based on a user-agent allowlist, which is never the right answer. There is no right way to do it because it's always wrong, but people choose to do it anyways.
I'm personally a fan of treating broken sites as broken, but I understand that realistically any "alternative" browser has to deal with all the broken sites designed for whatever came before it because otherwise most normal users won't consider switching.
If I were made King of the Internet for a day and able to enforce any changes I wanted on everyone, all the major browsers would have to change their user-agent string to something totally unique on the same day, intentionally breaking any sites that are doing it wrong for everyone so the broken sites are forced to fix their own nonsense. That'd come maybe two or three decrees down the line from "All ISPs are required to provide a globally routable IPv6 block in accordance with RFC 6177, providing only CGN IPv4 is a capital offense".
Also IMO it's useful as an admin to know what clients your users are using, but I do understand why many would prefer to limit the data shared with the sites you visit.
These days old browser versions are for most companies, a problem of the past. IE is well and truly dead, and almost all users have auto updating browsers now.
Websites shouldn't really attempt to fit themselves to the browser, just detect which features are available and if there is some odd browser bug, wait until it's patched if it's affecting a major browser.
They earned every ounce of pain for that decision.
The main exception to this was Opera back when it had its own engine, which did use Opera at the start of its fairly clean default UA string. Then when they reached version 10 they had to make the primary version 9 with a second real version later in the string as sites couldn’t cope with two digit version numbers…
Opera in the late 90s / early 2000s was excellent. It was lightweight and snappy. Among the first to support tabs. The Presto engine was the most performant on machines of the era. The trialware/adware was annoying, but the browser was solid. The built-in email client was decent as well.
In 2009 they launched a very interesting web server / sharing feature with Opera Unite, which unfortunately didn't gain traction.
Opera Mini was the best mobile browser for a few years as well, before smartphones took off.
I think even the best management in the world wouldn't have helped it survive the onslaught of Google's Chrome and their massive war chest in that time. It's like a team of girl scouts versus the NBA.
My personal big thing was the ability to "minimise" / deque tabs, a legacy of the really early version of tabs that were basically based around the concept of the Windows task bar (and MDI), not tabs. I'm not a Firefox user as it's the least worst option, and there used to be Firefox extensions that mostly (but not quite) did it, but Mozilla naturally broke it as part of their general view that making Firefox worse will somehow make it popular[1].
Also mouse gestures. Again, you can kinda do it with Firefox, but random stuff like the home shortcut screen don't support it nowadays because???
Also, I want a status bar. I don't care if it's old fashioned, but I want one.
Sorry if this is becoming a Mozilla / Firefox gripe fest.
[1] I don't think Opera had a nice preview view for RSS feeds, but Firefox did. Then they broke it for random reasons? Gee, raw XML is so much better than a sensible view, thank you Mozilla!
There's a field in the Volume Boot Record of disc volumes, in the PC compatible world, that was supposed to be the name of the OEM whose software formatted the volume. It was (and is) a few bytes of identifying human-readable text. Operating systems ended up doing string comparisons and parsing numbers, and breaking in odd ways, including not even recognizing their own handiwork, when operating system vendors did not use the name of the first vendor.
* https://jdebp.uk/FGA/volume-boot-block-oem-name-field.html
It has probably been long enough since MS-DOS 3.3 and in turn the Browser Wars that someone is right now failing to learn from history and making this mistake anew, yet again, somewhere.