• @TrickDacy
    link
    15 months ago

    I knew you would say that. I imagine that user agent strings as a concept are bad, in your opinion?

    • boredsquirrel
      link
      fedilink
      15 months ago

      They are useful to differentiate mobile from PC devices. That is not needed as many Websites are dynamic, but useful for some.

      As all browsers also support the common web standards, it is also not necessary for determining supported features or something.

      The only other use I find is having download links targeting the platform, but especially on Linux that is not really useful

      • @TrickDacy
        link
        15 months ago

        “useful” is relative. I prefer a world where websites can know which platforms users are coming from, as it helps them know where to focus their support efforts.

        There are billions of users but probably only a few OSes mentioned in UA strings so it seems like a decent trade off to me. My exact UA string is likely shared by millions of users even though my OS is somewhat rare on the world stage. Until the day comes that web browsers work exactly the same way on every platform, at which case I’d agree with you, no longer useful. Unfortunately for decades we’ve been quite a bit short of that end.

        Just checked because I couldn’t remember exactly what OS info mine included last I looked. It’s quite generic: Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0

        • boredsquirrel
          link
          fedilink
          1
          edit-2
          5 months ago

          There is a big variety of browsers there, and as I said, the UA is simply one of the many tracking points.

          Websites often dont support users, they live off ads because we didnt find any internet model that can live without ads, which are a horrible concept.

          I was in a supermarket today where card payment was broken. There was a huge sign in the middle of the entrance about that, but a lot of people still didnt read it and had to bring back their groceries.

          I think this is in part due to ads. Ads train us to not concentrate, zoom out and be passive. Otherwise, looking at all that manipulative garbage would make us insane.

          So I am curious to why Websites would need to support users. Normal web standards work the same. There is a trend towards not supporting Firefox or maybe platforms with worse DRM, like Linux (where you can screencast any DRM browser anyways). So I think Netflix uses the Linux user agent to limit you to 1080p (as a laptop user and pirate I have no idea how this is an issue though)

          You are lucky here with your generic UA. maybe this is also outdated, but I read this was a thing at least on some distro packaged Firefoxes.

          Also that the search engines preconfigured would always get the info about what OS you are using.

          Yes these things may not be critical, and Firefox does a ton of awesome things like cookie isolation and containers, to limit the creepy stuff.

          But

          • having HTTPS off by default
          • being on “default” privacy level
          • keeping all cookies

          Is simply not okay. HTTP is still possible, I only know a single popup-ads-riddled site that doesnt work with Firefoxes most private setting. And deleting all cookies and making exceptions work kinda fine.

          There was a button to save cookies for a site, but it is gone? No idea why.

          Improving good private UX helps. Being too shy to implement it harms its reputation I think.

          I also like Brave with their model for monetization via crypto. I would be happy to tip a few cents for every website click, but micro transactions just dont really work.

          But as a sensitive person, I will absolutely always block every ad possible, as ads are horrible.

          • @TrickDacy
            link
            1
            edit-2
            5 months ago

            I agree with you about ads for sure. But I’m not really sure what you mean about https being off by default. What I’ve noticed is that if I type an IP address into the address bar, FF first tries https and if that fails falls back to http.

            Regarding UA string: As a web developer I have worked on many projects, one currently, where browsers misbehave in unpredictable ways. Most notable these days is Safari. Without a user agent string I really don’t have a way to workaround that browser’s shortcomings. Yes, for this purpose, the UA string should be a last resort because feature detection is best, but trust me feature detection isn’t always possible. It would not work for the current slew of issues I’m working through in Safari.

            Also, I would encourage you to read up on Brave and funder/fundamentalist Peter Thiel. Brave is not only a Google supporting browser by virtue of using chromium, it’s also wrapped up in some shady shit, including being funded by a conservative psychopath.

            • boredsquirrel
              link
              fedilink
              15 months ago

              I mean the HTTPS-only toggle. It still allows HTTP but after a warning. HTTP sites still work, so this should be opt-out.

              Safari only works on 2/3 Platforms, so I dont think a UA containing the OS, let alone a detailed “Lubuntu” etc. detail

              I heard about Peter Thiel I think in very different contexts? I wouldnt support Brave at all, I use a mix or hardened Firefox, Mull and Vanadium.

              • @TrickDacy
                link
                15 months ago

                I really don’t understand. So the fact that FF warms you against a (btw rare) thing is somehow not enough? …

                And I’m telling you as a web developer who has to support multiple versions of Safari, it’s not something I can just dismiss as irrelevant as you’re apparently intent on doing.

                And about brave, you brought it up not me. Still don’t understand why it even came up, especially if you’re actively against it…

                • boredsquirrel
                  link
                  fedilink
                  1
                  edit-2
                  5 months ago

                  I am not sure how embedded media inside HTTPS websites use HTTP. But using HTTPS exclusively is very possible today, nearly no websites not supporting it. So I see no reason here.

                  But this is just an example and that is also GUI configurable.

                  I see that Safari and different Browsers are an issue, but do you need OS info for that? Especially fine grained info?

                  I mentioned Brave because they integrated something that is not ads, but I think it is ads anyways? So not using the browser, but pro anything with direct payment

                  • @TrickDacy
                    link
                    15 months ago

                    Still unsure what you’re saying about https. Firefox treats insecure sites as dangerous and tries to tell the user to beware, for that one time a year you might run into that situation. And by default, insecure content in a secure page is blocked in FF and I think that was true even in IE 11. That’s been pretty standard for a long time.

                    Regarding OS in the UA, no, rarely would you need it. I think browsers can send whatever they want there though. Are you saying that LibreWolf sends one without OS? Again to me it’s a little paranoid to nitpick this but what I thought you were saying before is that UAs should not exist period, which I was disputing because I literally have been spending the last month working through safari specific bugs that would be nearly impossible to handle without a UA string to know the user is running safari. Sometimes I do need to know iPad vs iPhone, but that’s not only rare but probably even more offensive to you than the UA mentioning the OS/OS family.