[PLUG] Web servers, browsers, and OSes

Tom tgrom.automail at nuegia.net
Fri Jun 19 18:17:52 UTC 2020 

On Tue, 9 Jun 2020 14:34:19 -0700
Ben Koenig <techkoenig at gmail.com> wrote:

> On Tue, Jun 9, 2020 at 12:35 PM Rich Shepard
> <rshepard at appl-ecosys.com> wrote:
> 
> > On Tue, 9 Jun 2020, Ben Koenig wrote:
> >  
> > > Browsers typically provide a "user agent" string to the web
> > > server when making requests. This is a human-readable string that
> > > typically  
> > identifies  
> > > your browser, OS, and any other relevant info as deemed
> > > appropriate by  
> > the  
> > > browser. Most browsers offer the ability to modify your user
> > > agent string ("user agent spoofing") to trick websites into
> > > giving you the page for a different browser.  
> >
> > Ben,
> >
> > Good to know. But, is one's UA allows access to multiple pages on
> > the site, but not another one, is that a UA issue? Specifically,
> > after I logged in to the conference web site I could look at the
> > schedule, agendas, and other pages along the menu at the top. But,
> > when looking at the page with the meeting I was to join there was
> > no link 'join meeting,', '+' or other means to do so.
> >
> >  
> Maybe? Depends on how exactly they are serving that button. Parsing
> the UA string is just one explanation for what you described. If
> that's true, then changing your UA to a "supported platform" may
> result in the button being displayed. The only way to know for sure
> is to try it, or read through all the code.
> 
> 
> 
> If you are curious, one example of how to remove a button would be to
> retrieve the user agent string using client-side javascript, and then
> adjust the style of the button based on contents of the returned
> string. Setting the "display: none;" on an HTML element will
> effectively remove the button by preventing it from being displayed.
> That way you can serve the same exact page to every user, but avoid
> displaying information that may result in poor user experience.
> 
> 
> Regards,
> >
> > Rich
> > _______________________________________________
> > PLUG mailing list
> > PLUG at pdxlinux.org
> > http://lists.pdxlinux.org/mailman/listinfo/plug
> >  
> _______________________________________________
> PLUG mailing list
> PLUG at pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug

That's not at all how you should do things. We have graceful fallback
exactly for this reason. You don't start blocking or whitelisting
useragents based on features you think they have. That leads to a much
worse user experience and anti-competitiveness as your artificially
limiting a user's choice in useragent. Keep in mind that supplying the
user-agent header is purely optional in the HTTP-spec and is only there
so that issues can be reported to the right organization. Not so you
can discriminate which browsers can visit your site. What your logic
leads to is blocking everything who is not using Google Chrome.

Regarding providing styles based on user-agent if you want a button to
look native don't apply any styling to it. Let the OS and user-agent do
the styling itself.

-- 
 _______________________________________ 
/ All bridge hands are equally likely,  \
| but some are more equally likely than |
| others.                               |
|                                       |
\ -- Alan Truscott                      /
 --------------------------------------- 
\
 \
   /\   /\   
  //\\_//\\     ____
  \_     _/    /   /
   / * * \    /^^^]
   \_\O/_/    [   ]
    /   \_    [   /
    \     \_  /  /
     [ [ /  \/ _/
    _[ [ \  /_/

More information about the PLUG mailing list