Hello,
How do I get the name of operating system of user and browser in phoenix when users send request to my api web service?
Please advise me if you know more functions which helps me to get too information of users?
itâs available in the useragent header, you can use:
or
2 Likes
Which is a lie. Do not trust user submitted dataâŠ
Iâve somewhen changed my UAH to some IE7 and surfing most of the time using that one, because there was a website once thatâs was only accessible using that header.
3 Likes
yes, itâs spoofable - I also believe browser vendors are gonna remove info and make generic user agents, as so so much fingerprinting/tracking is going onâŠ
2 Likes
Why do you want to know at all? Just build your website in a way that it works cross browser.
2 Likes
Hello @NobbZ ,
because I am going to collect Any data for Processing in future. It is noteworthy, I send email to my user when somebody loginâs by his account. then I am supposed to collect the data for data mining.
Thanks
Well fair note, that is a pretty unreliable thing to gather. Every website I access gets a randomized useragent via a plugin I have in chrome (unless I tag it to a specific one to fix website stupidity/bugs), and I know a LOT of people that use this same plugin (itâs part of a larger common one that is default enabled).
1 Like
@OvermindDL1 there are perfectly valid uses for wanting to check a browser string, namely Capabilities if your browser supports ESM modules, then why would you want me to push an unnecessarily polyfilled pile of bundles to your browser. If your browser supports HTTP/2 why wouldnât you want me to use it to get you resources as efficiently as possible?
Data mining can suck my butthole, but why do you care if a browser knows your UA? instead of randomizing it and potentially losing out on the benefits of an updated browser because your randomizing your agent, just make it generic enough that it doesnât matter. Who gives a crap if a server knows youâre using chrome and itâs up to date?
Both of those can fallback without anyone looking at my UA though. http2 can fallback to http1 and js can check if it supports esm modules or not and request different files accordingly.
Itâs not just âIâm on Chrome XYâ. Iâve just checked with https://amiunique.org and my UA is in the <0.01% range of known fingerprints. Take a website, which doesnât operate on a global scale and I might be the only person with that UA.
@LostKobrakai You canât really fallback a HTTP/2 resourec push though. take a look at how google themselves handle it in the polymer start kits for an example of what I mean by you missing out (namely PRPL Server). instead of randomizing it, make it generic enough itâs not unique, but still shows your capabilities. thatâs literally what user agents were built for in the first place
Iâve always found UA strings to be very difficult to sustain - privacy reasons aside. The churn on UAâs is quite high, mobile devices proliferate etc etc. Hence why browser capability detection seems more sustainable. Something like Modernizr can be helpful.
1 Like
HTTP2 (the only place ESM should be used) is initiated by the client as well.
I donât? I just tend to use firefox so accessing some things want chrome all because of the UA, even though they work fine in firefox. Itâs a server issue, so I randomize it within a set that covers the things I expect to work (the randomizing is part of the plugin, Iâd be fine with a single one).
Exactly, I donât.
Heh, thatâs a cool sight, and Iâm in <0.01% it says (âUniqueâ on a couple of entries, even more interestingâŠ), Iâm wondering if that is just more of the norm?
The fallback of an HTTP/2 resource push is to just wait and let the client request it itself, you have no other option on HTTP/1 or HTTP/1.1 (other than baking it in the page itself, which just balloons it and is bad for caching).
Interesting site, though I doubt itâs all that accurate. Really itâs whatâs unique to people that actually care to check if theyâre âuniqueâ. According to that site, Iâm the first ever pixel 2xl to have an up to date chrome browser, which I highly doubt is that uncommon.
To each their own. Iâve never had a single problem with someone using my UA for âevilâ. And my opinion is that people get too worked up about being âtrackedâ as if you arenât just another faceless number in the crowd. The only time a âuniqueâ UA would be useful to anyone is if that data is available to be used by a collection of sites. And even then the data mining is under the âhopeâ that they can find something relevant to you to sell. Otherwise session data or browser cookies achieve the same result as a fingerprint. And if youâre disabling cookies because youâre afraid of advertising, I have bad news for you, youâre still gonna get them regardless. You just wonât be wasting the money they put into attempting to âtailor your adsâ; itâll be generic for mass appeal
Never changed it, never worried about it, never had a virus from it, never accidentally bought something because of it
In my opinion itâs unnecessary and paranoid to put effort into hiding for a virtual world where that âfingerprintâ is tracking a faceless browser, not any of your actual personal data. Iâd rather make it easier for the good developers to build a better web using the tech that was built specifically to do so.
To be clear Iâm not saying donât do it, if it makes you more comfortable, I just legitimately donât understand why people care
But weâre too off topic now, so like I said to each their own
I doubt they have that many people test it, plus being unique is useful to the ad collection yeah, though the fact a lot of the information on mine changes, ehâŠ
Happens at work here, soooo many windows computers⊠Havenât heard of it happening since a forced Win10 upgrade though so thatâs good.
1 Like
windows 10 really was a HUGE step up in all around security. I think they secretly used a lot of the security measures from the linux codebase, especially since theyâve unabashedly moved a lot of projects to private-but-built-off-of-open source (theyâre just flat out using chromium as the base for Edge now), but I havenât dug through the windows source code or anything to prove it
1 Like
Maybe I just didnât spend enough time on the spec. I figured an HTTP/2 push to a http/1.1 browser would end up with that browser being sent only the resource you pushed instead of it being added as a pre-cached resource and still receiving the main document. Guess that wouldnât play too well with the idea of graceful degradation though
You âcanâtâ push on HTTP/1 at all, the server software itself wonât let you, pushing makes no sense on that protocol (in Phoenix/Plug the push becomes a no-op on HTTP/1 connections). Essentially pushing only pre-cacheâs files, if the client doesnât request the file than it was entirely wasted network usage, and if the client âdoesâ request the file then it saves the few milliseconds in download time (which can add up if doing 200 includes or so, but if you are combining, say, all javascript into a single file it really doesnât gain you anything). I.E. HTTP/2 push is an optimization only, it falls back just fine.
makes sense. I couldnât find anywhere in the plug docs on how to actually check if HTTP/2 was available to use for the client, so I wasnât sure whether it fell back to a no-op properly, if it ended up just sending the first resource you âpushâ
1 Like
