473,544 Members | 1,908 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

User Agent Detection Logic

Hi guys,

I have put together a flexible client-side user agent detector (written in
js). I thought that some of you may find it useful. Code is here:

http://fotios.cc/software/ua_detect.htm

The detector requires javascript 1.0 to work. This translates to netscape
2.0 and IE 3.0 (although maybe IE 2.0 also works with it)

Cheers,
Fotios

--
http://fotios.cc/

Jul 20 '05 #1
60 7207
"Fotios" <f_****@yahoo.c om> writes:
I have put together a flexible client-side user agent detector (written in
js). I thought that some of you may find it useful. Code is here:

http://fotios.cc/software/ua_detect.htm
My only real problem with this code, is the problem it tries to solve.

You are trying to make a white-list of allowed browsers. White-lists
are not a very good idea, since they require constant updating. A
black-list is better. If you give a warning for browsers that you know
are *not* compatible with your page, and you write code that works
with modern standards, then you will rarely have to update the list.
That is, give an unknown browser the benefit of the doubt.

You also base the detection solely on the navigator.userA gent string.
That is not a reliable method, as some browsers are known to fake that
string.

There are some minor stuff:

- You use parseInt with only one argument. (And which browser has the
length of an array as a string?)

- You use "new Array(elem1,ele m2,...,elemn);" , which doesn't seem to
initialize the array in Netscape 2.02 (nor does the length property
of the array work).

- You write <script language="JavaS cript">, which is illegal in HTML 4+.
The type attribute is required.

The detector requires javascript 1.0 to work. This translates to
netscape 2.0 and IE 3.0 (although maybe IE 2.0 also works with it)


IE 2 didn't have scripting at all. That was introduced in IE 3.0b2,
IIRC. I don't think the script is compatible with Netscape 2.

/L
--
Lasse Reichstein Nielsen - lr*@hotpop.com
Art D'HTML: <URL:http://www.infimum.dk/HTML/randomArtSplit. html>
'Faith without judgement merely degrades the spirit divine.'
Jul 20 '05 #2
"Fotios" <f_****@yahoo.c om> wrote in message
news:3f******** *************@n ews.gradwell.ne t...
I have put together a flexible client-side user agent detector (written
in js). I thought that some of you may find it useful. Code is here:

http://fotios.cc/software/ua_detect.htm

The detector requires javascript 1.0 to work. This translates to
netscape 2.0 and IE 3.0 (although maybe IE 2.0 also works with it)


User agent detecting is unnecessary in almost all cases but of the
methods that have been attempted the use of the browser's
navigator.userA gent string is easily the most useless as very few
current browsers report consistent or accurate information in this
string. Often in order to avoid this type of clumsy and misguided
detection categorising them as "unknown" or "declined" when their
JavaScript and DOM support is entirely up to the requirements of the
majority of scripts and their authors can see no reason for them to be
excluded just because some script author only knows enough to recognise
7 browsers by name.

<URL: http://jibbering.com/faq/#FAQ4_26 >

Richard.
Jul 20 '05 #3
Hi Lasse,

thanks for taking the time to help me (or us) improve this code!

My only real problem with this code, is the problem it tries to solve.

You are trying to make a white-list of allowed browsers. White-lists
are not a very good idea, since they require constant updating. A
black-list is better. If you give a warning for browsers that you know
are *not* compatible with your page, and you write code that works
with modern standards, then you will rarely have to update the list.
I understand what you are trying to say but my experience from web
development says that if you want to play it safe you should only allow your
code to run on specific browsers - the browsers you have tested it with.
However, if you review the code you will see that is uses a list that is
both black and white; i.e. you can have both white listed and black listed
browsers (Black listing takes precedence)

That is, give an unknown browser the benefit of the doubt.
If you check the code you will see there is an option just for that (i.e.
whether you want to allow an unknown browser to continue or not)


You also base the detection solely on the navigator.userA gent string.
That is not a reliable method, as some browsers are known to fake that
string.
Well, let's say that I won't be interested in covering this case just yet.
AFAIK all major browsers have a default user agent string that is
distinctive in some way and the rest of them (not major) should as well.


There are some minor stuff:

- You use parseInt with only one argument. (And which browser has the
length of an array as a string?)
- You use "new Array(elem1,ele m2,...,elemn);" , which doesn't seem to
initialize the array in Netscape 2.02 (nor does the length property
of the array work).
You are right on both of these two remarks. The first one was due to my
sloppy testing of NN 2.0; I was getting an error and I assumed this was due
to wrong typing of the length property of arrays but further testing I just
did shows that this property is simply undefined (thus the error).

And yes, this style of Array initialization does not seem to work with NN
2.0.

So, what I still need to make this work under NN 2.0 is:
- write a function that counts the length of an array in a way that is JS
1.0 compatible.
- initialize the array with arr[index] = value; type of statements

I should have the revised version soon.

BTW, there is a great old browser software archive here:
http://browsers.evolt.org/


- You write <script language="JavaS cript">, which is illegal in HTML 4+.
The type attribute is required.
Thanks for letting me know. I added it.


The detector requires javascript 1.0 to work. This translates to
netscape 2.0 and IE 3.0 (although maybe IE 2.0 also works with it)


IE 2 didn't have scripting at all. That was introduced in IE 3.0b2,


Yeah, some crooked hypothesis making on my part there. That was Netscape's
golden era.

Later,
Fotios

Jul 20 '05 #4

User agent detecting is unnecessary in almost all cases but of the
methods that have been attempted the use of the browser's
navigator.userA gent string is easily the most useless as very few
current browsers report consistent or accurate information in this
string. Often in order to avoid this type of clumsy and misguided
detection categorising them as "unknown" or "declined" when their
JavaScript and DOM support is entirely up to the requirements of the
majority of scripts and their authors can see no reason for them to be
excluded just because some script author only knows enough to recognise
7 browsers by name.


I rarely read something as inacurate as what you have just written.

What about the fact that most script that goes around does not run properly
in more than one or two browsers? A detector is about "what is" not about
"what ought to be".

F.


Jul 20 '05 #5
"Fotios" <f_****@yahoo.c om> wrote in message
news:3f******** *************@n ews.gradwell.ne t...
User agent detecting is unnecessary in almost all cases but of the
methods that have been attempted the use of the browser's
navigator.use rAgent string is easily the most useless as very few
current browsers report consistent or accurate information in this
string. Often in order to avoid this type of clumsy and misguided
detection categorising them as "unknown" or "declined" when their
JavaScript and DOM support is entirely up to the requirements
of the majority of scripts and their authors can see no reason for
them to be excluded just because some script author only knows
enough to recognise 7 browsers by name.
I rarely read something as inacurate as what you have just written.


So you haven't bothered to read the comp.lang.javas cript FAQ before
posting then:-

<URL: http://jibbering.com/faq/#FAQ4_26 >

- as it says essentially the same thing. (Still, I don't expect you
would consider that a document that is subject the scrutiny and review
of all of the regular poster to this group as having anything accurate
to say on the subject of browser scripting.)
What about the fact that most script that goes around does not run
properly in more than one or two browsers?
"most script that goes around" is written (or more often cut-n-pasted)
by people who do not really understand what they are doing and should
not be taken as an example of best (and in many cases not even
acceptable) practice.
A detector is about "what is" not about "what ought to be".


So test "what is" not "what ought to be" which is what you are testing
by assuming that the navigator.userA gent string ought to be a
discriminating indicator of the type and version of a web browser. It is
not and has not been for quite some time now.

As it is your code will identify Konqueror 3 as IE, Netscape, Opera,
Konqueror and unknown depending on which of the userAgent string I
choose form the list of 20 odd provided in the drop-down in the
preferences. While the same script will be absolutely convinced that my
Palm OS web browser is IE 6, but a script that treats it as IE 6 will
fail horribly. To qualify as a "detector" a script should be expected to
produce discriminating results. The navigator.userA gent string just
cannot provide that.

But, as I said, it is almost never necessary to know the browser type or
version. Feature detection is the preferred strategy. A script author
should know what features a browser must support in order for a script
to work. Testing for the existence of those features prior to execution
allows a script to execute in any browser that supports them and if they
are not available it can cleanly and harmlessly exit. A strategy that is
only interested in "what is" available on the browser in question, but
without any interest in which browser that actually is. Also a strategy
that can work successfully in a completely unknown browser, exploiting
any browser up to its ability to support the script.

Richard.
Jul 20 '05 #6
So you haven't bothered to read the comp.lang.javas cript FAQ before
posting then:-

<URL: http://jibbering.com/faq/#FAQ4_26 >
I do not need to read the FAQ before or after I post.

- as it says essentially the same thing. (Still, I don't expect you
would consider that a document that is subject the scrutiny and review
of all of the regular poster to this group as having anything accurate
to say on the subject of browser scripting.)
I don't know what to answer to you as I have not read the FAQ.
What about the fact that most script that goes around does not run
properly in more than one or two browsers?
"most script that goes around" is written (or more often cut-n-pasted)
by people who do not really understand what they are doing and should
not be taken as an example of best (and in many cases not even
acceptable) practice.


Isn't it still a fact that most script that goes around is not
cross-browser?
I have also heard that no scripter really knows what he/she is doing. What
do you think about that?
A detector is about "what is" not about "what ought to be".
So test "what is" not "what ought to be" which is what you are testing
by assuming that the navigator.userA gent string ought to be a
discriminating indicator of the type and version of a web browser. It is
not and has not been for quite some time now.


One can easily write a lynx-like user agent that supplies any user string
he/she damn pleases.
Why does that shatter the status of things? (The status being that all major
browsers have - and should have - distinctive default strings)

As it is your code will identify Konqueror 3 as IE, Netscape, Opera
Konqueror and unknown depending on which of the userAgent string I
choose form the list of 20 odd provided in the drop-down in the
preferences.
Well, if you change the string you are on your own.
While the same script will be absolutely convinced that my
Palm OS web browser is IE 6, but a script that treats it as IE 6 will
fail horribly. To qualify as a "detector" a script should be expected to
produce discriminating results. The navigator.userA gent string just
cannot provide that.
Only because you were naughty and you changed the string.
What is the motivation in coding for the miniscule percentage of users who
not only use virtually non-existent browsers but also play with their user
agent strings?

But, as I said, it is almost never necessary to know the browser type or
version. Feature detection is the preferred strategy. A script author
should know what features a browser must support in order for a script
to work.
Testing for the existence of those features prior to execution
allows a script to execute in any browser that supports them and if they
are not available it can cleanly and harmlessly exit. A strategy that is
only interested in "what is" available on the browser in question, but
without any interest in which browser that actually is. Also a strategy
that can work successfully in a completely unknown browser, exploiting
any browser up to its ability to support the script.


1. Detecting a browser type is not necessarily for scripting purposes. For
instance, you may not like the way something renders in gecko.

2. I don't want to build a detector every time depending on what I want to
use.

3. A generic feature based browser detector seems to be much more work than
the one I posted. If you build one let me know and I will give it a try.

F.

Jul 20 '05 #7
Hi,

I have amended the code in a few places in order to be Netscape 2.0 (JS 1.0)
compatible:

* The JS1.0 parseFloat() function needed some help as it returns 0 (instead
of the NaN in later JS versions) when the initial char of the string is not
a digit.
There is now a helper function named: skipNonDigits()

* The array is now populated in a way that is JS 1.0 compatible

* I use substring() instead of substr(). This is because the former seems to
be working better in Netscape 2.0 although both are supported by JS 1.0

* In lack of the length property for arrays under JS 1.0 the length of the
browser array needs to be specified by the user along with the rest of the
parameters.

Revised code here:

http://fotios.cc/software/ua_detect.htm

Cheers,
Fotios

Jul 20 '05 #8
Ivo
"Fotios" <f_****@yahoo.c om> wrote in message
news:3f******** *************@n ews.gradwell.ne t...
So you haven't bothered to read the comp.lang.javas cript FAQ before
posting then:-

<URL: http://jibbering.com/faq/#FAQ4_26 >
I do not need to read the FAQ before or after I post.


You won't be jailed, but it seriously harms both your insight and our
sympathy if you don't.
I have also heard that no scripter really knows what he/she is doing. What
do you think about that?


No one can speak but for themselves, especially if they spend their time
behind computer screens. I for one haven't a clue.
While the same script will be absolutely convinced that my
Palm OS web browser is IE 6, but a script that treats it as IE 6 will
fail horribly. To qualify as a "detector" a script should be expected to
produce discriminating results. The navigator.userA gent string just
cannot provide that.


Only because you were naughty and you changed the string.
What is the motivation in coding for the miniscule percentage of users who
not only use virtually non-existent browsers but also play with their user
agent strings?


I started reading this thread with a positive feeling, but this turns sour.
What is the movitation behind writing a script that scrutinizes something so
irrelevant? The bottom line is the navigator agent string thing can be
changed at will both by browser-makers and end-users. Mine is a Shakespeare
quote.
If I want my script to bark up the document.images tree, I will not test for
document.styleS heets or screen.availWid th or navigator.anyTh ing.

Regards,
Ivo
Jul 20 '05 #9
In article <3f************ ***********@new s.wanadoo.nl>, "Ivo" <no@thank.you >
writes:

<snip>
I do not need to read the FAQ before or after I post.


You won't be jailed, but it seriously harms both your insight and our
sympathy if you don't.


Not to mention credibility. He multi-posted these same thoughts in the
microsoft.publi c.scripting.jsc ript NG
<snip>
Only because you were naughty and you changed the string.
What is the motivation in coding for the miniscule percentage of users who
not only use virtually non-existent browsers but also play with their user
agent strings?


I started reading this thread with a positive feeling, but this turns sour.


You too?

<snip>

--
Randy
Jul 20 '05 #10

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

3
1349
by: Raventhorn | last post by:
I am having problems that I also saw people having in the ASP.NET forums with menus and people coming to a site with weird user agent values. Is there a way to access the user agent before the user hits the site so we can determine which ones are screwing up our site? Also, is there a list of user agents available for different browsers?
35
2444
by: RobG | last post by:
Seems developers of mobile applications are pretty much devoted to UA sniffing: <URL: http://wurfl.sourceforge.net/vodafonerant/index.htm > -- Rob
0
7431
marktang
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main...
0
7779
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...
1
7387
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...
0
7714
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the...
1
5305
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...
0
4924
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...
0
3424
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...
0
3415
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
1
1848
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.