On Mon, 20 Sep 2010 11:14:48 +0200, Mark Nottingham <mnot@mnot.net> wrote: > [...] > > Because this field is usually sent on every request a user-agent makes, > implementations are encouraged not to include needlessly fine-grained > detail, and to limit (or even prohibit) the addition of subproducts by > third parties. Overly long and detailed User-Agent field values make > requests larger and can also be used to identify ("fingerprint") the > user against their wishes. Having this is great I think. I think we should also give advice to people using the header (i.e. against user-agent sniffing), similar to what HTML5 does for navigator.userAgent: http://whatwg.org/C#client-identification (HTML5 should probably also mention the fingerprinting issue.) -- Anne van Kesteren http://annevankesteren.nl/Received on Monday, 20 September 2010 11:58:56 UTC
This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:23 UTC