How to get name of operating system of user and browser in phoenix

Hello,
How do I get the name of operating system of user and browser in phoenix when users send request to my api web service?
Please advise me if you know more functions which helps me to get too information of users?

it’s available in the useragent header, you can use:

or

2 Likes

Which is a lie. Do not trust user submitted data…

I’ve somewhen changed my UAH to some IE7 and surfing most of the time using that one, because there was a website once that’s was only accessible using that header.

2 Likes

yes, it’s spoofable - I also believe browser vendors are gonna remove info and make generic user agents, as so so much fingerprinting/tracking is going on…

1 Like

Why do you want to know at all? Just build your website in a way that it works cross browser.

2 Likes

Hello @NobbZ ,
because I am going to collect Any data for Processing in future. It is noteworthy, I send email to my user when somebody login’s by his account. then I am supposed to collect the data for data mining.
Thanks

Well fair note, that is a pretty unreliable thing to gather. Every website I access gets a randomized useragent via a plugin I have in chrome (unless I tag it to a specific one to fix website stupidity/bugs), and I know a LOT of people that use this same plugin (it’s part of a larger common one that is default enabled).

1 Like

@OvermindDL1 there are perfectly valid uses for wanting to check a browser string, namely Capabilities if your browser supports ESM modules, then why would you want me to push an unnecessarily polyfilled pile of bundles to your browser. If your browser supports HTTP/2 why wouldn’t you want me to use it to get you resources as efficiently as possible?

Data mining can suck my butthole, but why do you care if a browser knows your UA? instead of randomizing it and potentially losing out on the benefits of an updated browser because your randomizing your agent, just make it generic enough that it doesn’t matter. Who gives a crap if a server knows you’re using chrome and it’s up to date?

Both of those can fallback without anyone looking at my UA though. http2 can fallback to http1 and js can check if it supports esm modules or not and request different files accordingly.

It’s not just “I’m on Chrome XY”. I’ve just checked with https://amiunique.org and my UA is in the <0.01% range of known fingerprints. Take a website, which doesn’t operate on a global scale and I might be the only person with that UA.

@LostKobrakai You can’t really fallback a HTTP/2 resourec push though. take a look at how google themselves handle it in the polymer start kits for an example of what I mean by you missing out (namely PRPL Server). instead of randomizing it, make it generic enough it’s not unique, but still shows your capabilities. that’s literally what user agents were built for in the first place

I’ve always found UA strings to be very difficult to sustain - privacy reasons aside. The churn on UA’s is quite high, mobile devices proliferate etc etc. Hence why browser capability detection seems more sustainable. Something like Modernizr can be helpful.

HTTP2 (the only place ESM should be used) is initiated by the client as well.

I don’t? I just tend to use firefox so accessing some things want chrome all because of the UA, even though they work fine in firefox. It’s a server issue, so I randomize it within a set that covers the things I expect to work (the randomizing is part of the plugin, I’d be fine with a single one).

Exactly, I don’t.

Heh, that’s a cool sight, and I’m in <0.01% it says (‘Unique’ on a couple of entries, even more interesting…), I’m wondering if that is just more of the norm?

The fallback of an HTTP/2 resource push is to just wait and let the client request it itself, you have no other option on HTTP/1 or HTTP/1.1 (other than baking it in the page itself, which just balloons it and is bad for caching).

Interesting site, though I doubt it’s all that accurate. Really it’s what’s unique to people that actually care to check if they’re “unique”. According to that site, I’m the first ever pixel 2xl to have an up to date chrome browser, which I highly doubt is that uncommon.

To each their own. I’ve never had a single problem with someone using my UA for “evil”. And my opinion is that people get too worked up about being “tracked” as if you aren’t just another faceless number in the crowd. The only time a “unique” UA would be useful to anyone is if that data is available to be used by a collection of sites. And even then the data mining is under the “hope” that they can find something relevant to you to sell. Otherwise session data or browser cookies achieve the same result as a fingerprint. And if you’re disabling cookies because you’re afraid of advertising, I have bad news for you, you’re still gonna get them regardless. You just won’t be wasting the money they put into attempting to “tailor your ads”; it’ll be generic for mass appeal

Never changed it, never worried about it, never had a virus from it, never accidentally bought something because of it

In my opinion it’s unnecessary and paranoid to put effort into hiding for a virtual world where that “fingerprint” is tracking a faceless browser, not any of your actual personal data. I’d rather make it easier for the good developers to build a better web using the tech that was built specifically to do so.

To be clear I’m not saying don’t do it, if it makes you more comfortable, I just legitimately don’t understand why people care

But we’re too off topic now, so like I said to each their own

I doubt they have that many people test it, plus being unique is useful to the ad collection yeah, though the fact a lot of the information on mine changes, eh…

Happens at work here, soooo many windows computers… Haven’t heard of it happening since a forced Win10 upgrade though so that’s good.

1 Like

windows 10 really was a HUGE step up in all around security. I think they secretly used a lot of the security measures from the linux codebase, especially since they’ve unabashedly moved a lot of projects to private-but-built-off-of-open source (they’re just flat out using chromium as the base for Edge now), but I haven’t dug through the windows source code or anything to prove it

1 Like

Maybe I just didn’t spend enough time on the spec. I figured an HTTP/2 push to a http/1.1 browser would end up with that browser being sent only the resource you pushed instead of it being added as a pre-cached resource and still receiving the main document. Guess that wouldn’t play too well with the idea of graceful degradation though

You “can’t” push on HTTP/1 at all, the server software itself won’t let you, pushing makes no sense on that protocol (in Phoenix/Plug the push becomes a no-op on HTTP/1 connections). Essentially pushing only pre-cache’s files, if the client doesn’t request the file than it was entirely wasted network usage, and if the client ‘does’ request the file then it saves the few milliseconds in download time (which can add up if doing 200 includes or so, but if you are combining, say, all javascript into a single file it really doesn’t gain you anything). I.E. HTTP/2 push is an optimization only, it falls back just fine.

makes sense. I couldn’t find anywhere in the plug docs on how to actually check if HTTP/2 was available to use for the client, so I wasn’t sure whether it fell back to a no-op properly, if it ended up just sending the first resource you “push”

1 Like