Browser spoofing - Mozilla

This is a discussion on Browser spoofing - Mozilla ; I was surprised to run into a section at Go Daddy where they will accept only IE or Firefox. I will complain - I expect better of them. I've lost the link and instructions for spoofing my browser. In the ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: Browser spoofing

  1. Browser spoofing


    I was surprised to run into a section at Go Daddy where they will
    accept only IE or Firefox. I will complain - I expect better of
    them.

    I've lost the link and instructions for spoofing my browser. In the
    meantime, how can I spoof my SeaMonkey so web sites think I am
    Firefox?


    --
    JohnW-Mpls

  2. Re: Browser spoofing

    JohnW-Mpls wrote:
    > I was surprised to run into a section at Go Daddy where they will
    > accept only IE or Firefox. I will complain - I expect better of
    > them.
    >
    > I've lost the link and instructions for spoofing my browser. In the
    > meantime, how can I spoof my SeaMonkey so web sites think I am
    > Firefox?
    >
    >


    1. Get User Agent Switcher -
    http://chrispederick.com/work/user-agent-switcher/

    2. in about:config modify the preference

    general.useragent.extra.seamonkey

    by adding at the end the value of

    "NOT Firefox" so that the entire string value reads

    SeaMonkey/1.1.9 NOT Firefox

    Option 2 is the preferred method so that SeaMonkey still shows up in
    server logs and isn't incorrectly identified solely as FF.


    --
    Ed Mullen
    http://edmullen.net
    I used to be schizophrenic, but we're all right now.

  3. Re: Browser spoofing

    On 2008-05-31 17:33 CET,
    Ed Mullen wrote:

    > JohnW-Mpls wrote:
    >> I was surprised to run into a section at Go Daddy where they will
    >> accept only IE or Firefox. I will complain - I expect better of
    >> them.
    >>
    >> I've lost the link and instructions for spoofing my browser. In the
    >> meantime, how can I spoof my SeaMonkey so web sites think I am
    >> Firefox?
    >>
    >>

    >
    > 1. Get User Agent Switcher -
    > http://chrispederick.com/work/user-agent-switcher/
    >
    > 2. in about:config modify the preference
    >
    > general.useragent.extra.seamonkey
    >
    > by adding at the end the value of
    >
    > "NOT Firefox" so that the entire string value reads
    >
    > SeaMonkey/1.1.9 NOT Firefox
    >
    > Option 2 is the preferred method so that SeaMonkey still shows up in
    > server logs and isn't incorrectly identified solely as FF.
    >

    I'd recommend to NOT use "NOT Firefox" but rather the informative "a
    Firefox/2.0.0.14 sibling". This since the latter is more informative
    about what SeaMonkey is and makes it more probable that, *if*, someone
    with influence and/or ambitions sees it in their log file might be
    willing to add SeaMonkey to their supported browsers - since it's so
    easily done. (Even better would be to check against "Gecko/x.y.z", if
    not feature sniffing).

    What is "NOT Firefox"? Huh, how different to Firefox is that something
    called SeaMonkey? No, we won't support it; don't have the time to
    investigate how much work it would be to support that - what was the
    name of it!? - browser. That could be anything, even a non-existing one
    - right?

    --
    Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.8.1.11) Gecko/20071128
    SeaMonkey/1.1.7 - Classic Theme - 266MHz Mobile Pentium II 288MB RAM

  4. Re: Browser spoofing

    On 31/05/08 17:33, Ed Mullen wrote:
    > JohnW-Mpls wrote:
    >> I was surprised to run into a section at Go Daddy where they will
    >> accept only IE or Firefox. I will complain - I expect better of
    >> them.
    >>
    >> I've lost the link and instructions for spoofing my browser. In the
    >> meantime, how can I spoof my SeaMonkey so web sites think I am
    >> Firefox?
    >>
    >>

    >
    > 1. Get User Agent Switcher -
    > http://chrispederick.com/work/user-agent-switcher/
    >
    > 2. in about:config modify the preference
    >
    > general.useragent.extra.seamonkey
    >
    > by adding at the end the value of
    >
    > "NOT Firefox" so that the entire string value reads
    >
    > SeaMonkey/1.1.9 NOT Firefox
    >
    > Option 2 is the preferred method so that SeaMonkey still shows up in
    > server logs and isn't incorrectly identified solely as FF.
    >
    >


    Rather than modifying general.useragent.extra.seamonkey, which will as a
    consequence "freeze" the current SeaMonkey version in your useragent
    string, and not show the new version when you upgrade, you can create
    (using Right-click -> New -> String) a new preference with a name
    starting with "general.useragent.extra." -- e.g.
    general.useragent.extra.firesomething -- and with a value including the
    "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox 2.0.0.14
    is the Firefox version based on the same Gecko backend as SeaMonkey
    1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or 2.0, the
    correct SeaMonkey version will be shown when, for instance, you report a
    bug.

    Best regards,
    Tony.
    --
    OLD WOMAN: King of the WHO?
    ARTHUR: The Britons.
    OLD WOMAN: Who are the Britons?
    "Monty Python and the Holy Grail" PYTHON (MONTY)
    PICTURES LTD

  5. Re: Browser spoofing

    Rolf wrote:
    > On 2008-05-31 17:33 CET,
    > Ed Mullen wrote:
    >
    >> JohnW-Mpls wrote:
    >>> I was surprised to run into a section at Go Daddy where they will
    >>> accept only IE or Firefox. I will complain - I expect better of
    >>> them.
    >>>
    >>> I've lost the link and instructions for spoofing my browser. In the
    >>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>> Firefox?
    >>>
    >>>

    >>
    >> 1. Get User Agent Switcher -
    >> http://chrispederick.com/work/user-agent-switcher/
    >>
    >> 2. in about:config modify the preference
    >>
    >> general.useragent.extra.seamonkey
    >>
    >> by adding at the end the value of
    >>
    >> "NOT Firefox" so that the entire string value reads
    >>
    >> SeaMonkey/1.1.9 NOT Firefox
    >>
    >> Option 2 is the preferred method so that SeaMonkey still shows up in
    >> server logs and isn't incorrectly identified solely as FF.
    >>

    > I'd recommend to NOT use "NOT Firefox" but rather the informative "a
    > Firefox/2.0.0.14 sibling". This since the latter is more informative
    > about what SeaMonkey is and makes it more probable that, *if*, someone
    > with influence and/or ambitions sees it in their log file might be
    > willing to add SeaMonkey to their supported browsers - since it's so
    > easily done.


    Add whatever makes you feel good. The point is to inject /something/
    into the UA to fool the fools who do browser sniffing into thinking that
    you are using FF.

    > (Even better would be to check against "Gecko/x.y.z", if
    > not feature sniffing).


    Even better would be for authors to write sites that do not need
    browser-dependent hacks. Still, that isn't something a user can
    control. A user can only fool the fools.
    >
    > What is "NOT Firefox"?


    Well, if (and that is a huge leap) someone monitors site logs, it would
    tell them a lot. It would tell them that informed users are able to use
    their site and that their premises of browser detection are simply
    wrong. And, of course, all of that depends on the hosting service
    providing that level of detail in its logs.

    > Huh, how different to Firefox is that something
    > called SeaMonkey? No, we won't support it; don't have the time to
    > investigate how much work it would be to support that - what was the
    > name of it!? - browser. That could be anything, even a non-existing one
    > - right?


    Nice description of the laziness and ignorance of Web site
    managers/designers. But, it mostly doesn't matter /how/ you trick the
    site's browser sniffing, from a usability standpoint, only that you do
    so successfully.

    --
    Ed Mullen
    http://edmullen.net
    Why is a person who plays the piano called a pianist, but a person who
    drives a race car not called a racist?

  6. Re: Browser spoofing

    Tony Mechelynck wrote:
    > On 31/05/08 17:33, Ed Mullen wrote:
    >> JohnW-Mpls wrote:
    >>> I was surprised to run into a section at Go Daddy where they will
    >>> accept only IE or Firefox. I will complain - I expect better of
    >>> them.
    >>>
    >>> I've lost the link and instructions for spoofing my browser. In the
    >>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>> Firefox?
    >>>
    >>>

    >>
    >> 1. Get User Agent Switcher -
    >> http://chrispederick.com/work/user-agent-switcher/
    >>
    >> 2. in about:config modify the preference
    >>
    >> general.useragent.extra.seamonkey
    >>
    >> by adding at the end the value of
    >>
    >> "NOT Firefox" so that the entire string value reads
    >>
    >> SeaMonkey/1.1.9 NOT Firefox
    >>
    >> Option 2 is the preferred method so that SeaMonkey still shows up in
    >> server logs and isn't incorrectly identified solely as FF.
    >>
    >>

    >
    > Rather than modifying general.useragent.extra.seamonkey, which will as a
    > consequence "freeze" the current SeaMonkey version in your useragent
    > string, and not show the new version when you upgrade, you can create
    > (using Right-click -> New -> String) a new preference with a name
    > starting with "general.useragent.extra." -- e.g.
    > general.useragent.extra.firesomething -- and with a value including the
    > "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox 2.0.0.14
    > is the Firefox version based on the same Gecko backend as SeaMonkey
    > 1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or 2.0, the
    > correct SeaMonkey version will be shown when, for instance, you report a
    > bug.


    Nice. Good suggestion, Tony.

    How about this:

    Preference:

    general.useragent.extra.idiots

    String:

    "Hey! Learn something before you write a Web site for Firefox that
    excludes SeaMonkey, you dolts! This is ..."

    Create that one and then do Help - About. ;-)

    --
    Ed Mullen
    http://edmullen.net
    If vegetarians eat vegetables, what do humanitarians eat?

  7. Re: Browser spoofing

    On 01/06/08 22:35, Ed Mullen wrote:
    > Tony Mechelynck wrote:
    >> On 31/05/08 17:33, Ed Mullen wrote:
    >>> JohnW-Mpls wrote:
    >>>> I was surprised to run into a section at Go Daddy where they will
    >>>> accept only IE or Firefox. I will complain - I expect better of
    >>>> them.
    >>>>
    >>>> I've lost the link and instructions for spoofing my browser. In the
    >>>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>>> Firefox?
    >>>>
    >>>>
    >>>
    >>> 1. Get User Agent Switcher -
    >>> http://chrispederick.com/work/user-agent-switcher/
    >>>
    >>> 2. in about:config modify the preference
    >>>
    >>> general.useragent.extra.seamonkey
    >>>
    >>> by adding at the end the value of
    >>>
    >>> "NOT Firefox" so that the entire string value reads
    >>>
    >>> SeaMonkey/1.1.9 NOT Firefox
    >>>
    >>> Option 2 is the preferred method so that SeaMonkey still shows up in
    >>> server logs and isn't incorrectly identified solely as FF.
    >>>
    >>>

    >>
    >> Rather than modifying general.useragent.extra.seamonkey, which will as
    >> a consequence "freeze" the current SeaMonkey version in your useragent
    >> string, and not show the new version when you upgrade, you can create
    >> (using Right-click -> New -> String) a new preference with a name
    >> starting with "general.useragent.extra." -- e.g.
    >> general.useragent.extra.firesomething -- and with a value including
    >> the "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox
    >> 2.0.0.14 is the Firefox version based on the same Gecko backend as
    >> SeaMonkey 1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or
    >> 2.0, the correct SeaMonkey version will be shown when, for instance,
    >> you report a bug.

    >
    > Nice. Good suggestion, Tony.
    >
    > How about this:
    >
    > Preference:
    >
    > general.useragent.extra.idiots
    >
    > String:
    >
    > "Hey! Learn something before you write a Web site for Firefox that
    > excludes SeaMonkey, you dolts! This is ..."
    >
    > Create that one and then do Help - About. ;-)
    >


    Hmmm... It might make the string unexpectedly long, and still not allow
    entry to sites which dumbly check Firefox version by extracting the
    numbers found after "Firefox/". It's to fool these that I suggested
    adding a string including "Firefox/2.0.0.14".

    But you might want to add another string, let's say
    general.useragent.extra.zzgecko with the value "- see
    http://geckoisgecko.org".

    Since the verious general.useragent.extra.* preferences are incorporated
    into the useragent string in alphabetical order of the pref name,
    firesomething will come before seamonkey and zzgecko will come after it.

    Best regards,
    Tony.
    --
    A neighbor came to Nasrudin, asking to borrow his donkey. "It is out
    on loan," the teacher replied. At that moment, the donkey brayed
    loudly inside the stable. "But I can hear it bray, over there." "Whom
    do you believe," asked Nasrudin, "me or a donkey?"

  8. Re: Browser spoofing

    On Sun, 01 Jun 2008 21:52:48 +0200, Tony Mechelynck
    wrote:

    >On 31/05/08 17:33, Ed Mullen wrote:
    >> JohnW-Mpls wrote:
    >>> I've lost the link and instructions for spoofing my browser. In the
    >>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>> Firefox?
    >>>
    >>>

    >>
    >> 1. Get User Agent Switcher -
    >> http://chrispederick.com/work/user-agent-switcher/
    >>
    >> 2. in about:config modify the preference
    >>
    >> general.useragent.extra.seamonkey
    >>
    >> by adding at the end the value of
    >>
    >> "NOT Firefox" so that the entire string value reads
    >>
    >> SeaMonkey/1.1.9 NOT Firefox
    >>
    >> Option 2 is the preferred method so that SeaMonkey still shows up in
    >> server logs and isn't incorrectly identified solely as FF.
    >>
    >>

    >
    >Rather than modifying general.useragent.extra.seamonkey, which will as a
    >consequence "freeze" the current SeaMonkey version in your useragent
    >string, and not show the new version when you upgrade, you can create
    >(using Right-click -> New -> String) a new preference with a name
    >starting with "general.useragent.extra." -- e.g.
    >general.useragent.extra.firesomething -- and with a value including the
    >"Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox 2.0.0.14
    >is the Firefox version based on the same Gecko backend as SeaMonkey
    >1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or 2.0, the
    >correct SeaMonkey version will be shown when, for instance, you report a
    >bug.
    >
    >Best regards,
    >Tony.


    Thanks for the help, guys. After trying a number of suggestions, I
    finally got something that works.

    1. I went to the site to get the "user-agent-switcher" with
    SeaMonkey but it never responded to my request for a download.

    2. In SM's about:config and the "general.useragent.extra.seamonkey"
    entry - I edited the value a number of ways to "Seamonkey/1.1.9 NOT
    Firefox" and then "Seamonkey/1.1.9 Firefox sibling", etc. None
    worked.

    3 Success came when in SM's about:config, I created (added) a new
    string: "general.useragent.extra.firefx" with the value
    "Firefox/2.0.0.14 sibling".

    My two test cases were getting to my account at www.comcast.net and
    a special section deep inside my account at GoDaddy. Both had
    demanded IE or Firefox.

    So far, so good. I assume I will have to remember to do similar
    editing for SeaMonkey 2 (after Firefox 3 comes out [later this
    month?]). T'would be nice if SeaMonkey 2 had this built-in somehow.

    --
    JohnW-Mpls

  9. Re: Browser spoofing

    Ed Mullen wrote:
    > Tony Mechelynck wrote:
    >> On 31/05/08 17:33, Ed Mullen wrote:
    >>> JohnW-Mpls wrote:
    >>>> I was surprised to run into a section at Go Daddy where they will
    >>>> accept only IE or Firefox. I will complain - I expect better of
    >>>> them.
    >>>>
    >>>> I've lost the link and instructions for spoofing my browser. In the
    >>>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>>> Firefox?
    >>>>
    >>>>
    >>>
    >>> 1. Get User Agent Switcher -
    >>> http://chrispederick.com/work/user-agent-switcher/
    >>>
    >>> 2. in about:config modify the preference
    >>>
    >>> general.useragent.extra.seamonkey
    >>>
    >>> by adding at the end the value of
    >>>
    >>> "NOT Firefox" so that the entire string value reads
    >>>
    >>> SeaMonkey/1.1.9 NOT Firefox
    >>>
    >>> Option 2 is the preferred method so that SeaMonkey still shows up in
    >>> server logs and isn't incorrectly identified solely as FF.
    >>>
    >>>

    >>
    >> Rather than modifying general.useragent.extra.seamonkey, which will as
    >> a consequence "freeze" the current SeaMonkey version in your useragent
    >> string, and not show the new version when you upgrade, you can create
    >> (using Right-click -> New -> String) a new preference with a name
    >> starting with "general.useragent.extra." -- e.g.
    >> general.useragent.extra.firesomething -- and with a value including
    >> the "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox
    >> 2.0.0.14 is the Firefox version based on the same Gecko backend as
    >> SeaMonkey 1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or
    >> 2.0, the correct SeaMonkey version will be shown when, for instance,
    >> you report a bug.

    >
    > Nice. Good suggestion, Tony.
    >
    > How about this:
    >
    > Preference:
    >
    > general.useragent.extra.idiots
    >
    > String:
    >
    > "Hey! Learn something before you write a Web site for Firefox that
    > excludes SeaMonkey, you dolts! This is ..."
    >
    > Create that one and then do Help - About. ;-)
    >


    Most of the web spotting software tends to truncate the agent string to
    no more than a couple words. With few exceptions, there is no real
    need for agent sniffing any more, you could probably start a campaign to
    use pithy one word comments and explorer to make the point.

    However, the type of sites that think they have to sniff browsers tend
    to be run by the technically illiterate that wouldnt be paying attention
    to browser ident in their stats anyway.


  10. Re: Browser spoofing

    On or about 6/1/2008 4:35 PM, Ed Mullen typed the following:
    > Tony Mechelynck wrote:
    >> On 31/05/08 17:33, Ed Mullen wrote:
    >>> JohnW-Mpls wrote:
    >>>> I was surprised to run into a section at Go Daddy where they will
    >>>> accept only IE or Firefox. I will complain - I expect better of
    >>>> them.
    >>>>
    >>>> I've lost the link and instructions for spoofing my browser. In the
    >>>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>>> Firefox?
    >>>>
    >>>>
    >>>
    >>> 1. Get User Agent Switcher -
    >>> http://chrispederick.com/work/user-agent-switcher/
    >>>
    >>> 2. in about:config modify the preference
    >>>
    >>> general.useragent.extra.seamonkey
    >>>
    >>> by adding at the end the value of
    >>>
    >>> "NOT Firefox" so that the entire string value reads
    >>>
    >>> SeaMonkey/1.1.9 NOT Firefox
    >>>
    >>> Option 2 is the preferred method so that SeaMonkey still shows up in
    >>> server logs and isn't incorrectly identified solely as FF.
    >>>
    >>>

    >>
    >> Rather than modifying general.useragent.extra.seamonkey, which will as
    >> a consequence "freeze" the current SeaMonkey version in your useragent
    >> string, and not show the new version when you upgrade, you can create
    >> (using Right-click -> New -> String) a new preference with a name
    >> starting with "general.useragent.extra." -- e.g.
    >> general.useragent.extra.firesomething -- and with a value including
    >> the "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox
    >> 2.0.0.14 is the Firefox version based on the same Gecko backend as
    >> SeaMonkey 1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or
    >> 2.0, the correct SeaMonkey version will be shown when, for instance,
    >> you report a bug.

    >
    > Nice. Good suggestion, Tony.
    >
    > How about this:
    >
    > Preference:
    >
    > general.useragent.extra.idiots
    >
    > String:
    >
    > "Hey! Learn something before you write a Web site for Firefox that
    > excludes SeaMonkey, you dolts! This is ..."
    >
    > Create that one and then do Help - About. ;-)
    >


    That's little long. How about survey to find one the majority like and
    then use it. Then those that actually check who uses their sites would
    at least see a consistent value and might actually change their way of
    doing things.

    I know I'm using NOT Firefox, but I would prefer one of the others.

    --
    Ed
    All outgoing/incoming mail scanned by Avast AV program.

    "When angry, count four; when very angry, swear." -Mark Twain (1835-1910)

  11. Re: Browser spoofing

    On 01/06/08 23:49, JohnW-Mpls wrote:
    [...]
    > So far, so good. I assume I will have to remember to do similar
    > editing for SeaMonkey 2 (after Firefox 3 comes out [later this
    > month?]). T'would be nice if SeaMonkey 2 had this built-in somehow.
    >


    There's a bug report about that,
    https://bugzilla.mozilla.org/show_bug.cgi?id=387416 , by SeaMonkey
    project leader Robert Kaiser, and even a bounty for whoever would fix
    it; but it doesn't seem to attract many takers.

    Best regards,
    Tony.
    --
    "Uncle Cosmo ... why do they call this a word processor?"

    "It's simple, Skyler ... you've seen what food processors do to food,
    right?"
    -- MacNelley, "Shoe"

  12. Re: Browser spoofing

    Lon Stowell wrote:
    > Ed Mullen wrote:
    >> Tony Mechelynck wrote:
    >>> On 31/05/08 17:33, Ed Mullen wrote:
    >>>> JohnW-Mpls wrote:
    >>>>> I was surprised to run into a section at Go Daddy where they will
    >>>>> accept only IE or Firefox. I will complain - I expect better of
    >>>>> them.
    >>>>>
    >>>>> I've lost the link and instructions for spoofing my browser. In the
    >>>>> meantime, how can I spoof my SeaMonkey so web sites think I am
    >>>>> Firefox?
    >>>>>
    >>>>>
    >>>>
    >>>> 1. Get User Agent Switcher -
    >>>> http://chrispederick.com/work/user-agent-switcher/
    >>>>
    >>>> 2. in about:config modify the preference
    >>>>
    >>>> general.useragent.extra.seamonkey
    >>>>
    >>>> by adding at the end the value of
    >>>>
    >>>> "NOT Firefox" so that the entire string value reads
    >>>>
    >>>> SeaMonkey/1.1.9 NOT Firefox
    >>>>
    >>>> Option 2 is the preferred method so that SeaMonkey still shows up in
    >>>> server logs and isn't incorrectly identified solely as FF.
    >>>>
    >>>>
    >>>
    >>> Rather than modifying general.useragent.extra.seamonkey, which will
    >>> as a consequence "freeze" the current SeaMonkey version in your
    >>> useragent string, and not show the new version when you upgrade, you
    >>> can create (using Right-click -> New -> String) a new preference with
    >>> a name starting with "general.useragent.extra." -- e.g.
    >>> general.useragent.extra.firesomething -- and with a value including
    >>> the "Firefox" name, such as "a Firefox/2.0.0.14 sibling," (Firefox
    >>> 2.0.0.14 is the Firefox version based on the same Gecko backend as
    >>> SeaMonkey 1.1.9). This way, after you upgrade to SeaMonkey 1.1.10 or
    >>> 2.0, the correct SeaMonkey version will be shown when, for instance,
    >>> you report a bug.

    >>
    >> Nice. Good suggestion, Tony.
    >>
    >> How about this:
    >>
    >> Preference:
    >>
    >> general.useragent.extra.idiots
    >>
    >> String:
    >>
    >> "Hey! Learn something before you write a Web site for Firefox that
    >> excludes SeaMonkey, you dolts! This is ..."
    >>
    >> Create that one and then do Help - About. ;-)
    >>

    >
    > Most of the web spotting software tends to truncate the agent string to
    > no more than a couple words.


    Really? Most sniffer scripts I've seen simply check for the existence
    of a word: e.g. "Firefox." It doesn't matter where it shows up in the
    UA string.


    --
    Ed Mullen
    http://edmullen.net
    A waist is a terrible thing to mind.

  13. Re: Browser spoofing

    On 02/06/08 04:05, Ed Mullen wrote:
    [...]
    > Really? Most sniffer scripts I've seen simply check for the existence of
    > a word: e.g. "Firefox." It doesn't matter where it shows up in the UA
    > string.


    Maybe they do, but they oughtn't to. The "proper" way to do it is to
    check for the existence of whatever functions (or other objects) you
    want to use, which aren't available on every browser.

    Otherwise, problems are bound to happen: an IE user might spoof a
    Firefox UA, or vice-versa, but that spoof isn't going to create
    javascript objects which weren't available on their browser to begin with.


    Best regards,
    Tony.
    --
    ARTHUR: ... and I am your king ....
    OLD WOMAN: Ooooh! I didn't know we had a king. I thought we were an
    autonomous collective ...
    "Monty Python and the Holy Grail" PYTHON (MONTY)
    PICTURES LTD

  14. Re: Browser spoofing

    Tony Mechelynck wrote:
    > On 02/06/08 04:05, Ed Mullen wrote:
    > [...]
    >> Really? Most sniffer scripts I've seen simply check for the existence of
    >> a word: e.g. "Firefox." It doesn't matter where it shows up in the UA
    >> string.

    >
    > Maybe they do, but they oughtn't to. The "proper" way to do it is to
    > check for the existence of whatever functions (or other objects) you
    > want to use, which aren't available on every browser.


    The simple sniffer scripts that look for one or two words arent even
    marginally suitable for checking agents or plugins. And rarely are the
    web sites that use them...or think they need to use them. e.g.
    comcast.net
    >
    > Otherwise, problems are bound to happen: an IE user might spoof a
    > Firefox UA, or vice-versa, but that spoof isn't going to create
    > javascript objects which weren't available on their browser to begin with.


    It could be argued whether or not this is a bad thing.
    If the site truly thinks you need IE, it might do something stupid if
    you do have IE. Most of the ones that ask for IE work as well as I'd
    care to risk with just agent switcher spoofing.

+ Reply to Thread