Re: HTTP/2 and User-Agent strings?
On 05/02/15 02:24, Karl Dubost wrote: Maybe something we can discuss soon: Feb 18, 2015. Some Microsoft people will be there. https://wiki.mozilla.org/WebCompat_Summit_%282015%29#Summit_Schedule Yes; I'd love to hear their take on this. Duelling product groups in Microsoft? Gerv ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 28/01/15 15:45, Gijs Kruitbosch wrote: That's IE11, which is not the same as Spartan. Hmm. I'm surprised that having managed to trim down the UA for IE 11 to be not old IE, standards compliant stuff please, they then take the opposite approach with Spartan, when they want to send basically the same message. shrug Gerv ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
Gervase, Le 4 févr. 2015 à 18:53, Gervase Markham g...@mozilla.org a écrit : Hmm. I'm surprised that having managed to trim down the UA for IE 11 to be not old IE, standards compliant stuff please, they then take the opposite approach with Spartan, when they want to send basically the same message. shrug Maybe something we can discuss soon: Feb 18, 2015. Some Microsoft people will be there. https://wiki.mozilla.org/WebCompat_Summit_%282015%29#Summit_Schedule -- Karl Dubost, Mozilla http://www.la-grange.net/karl/moz ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Tue, Jan 27, 2015 at 11:31 PM, Chris Peterson cpeter...@mozilla.com wrote: Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. Long ago I used to do development for MediaWiki. We had UA string checks to work around certain UA-specific bugs where no other easy workaround was possible. I remember one particular bug in Firefox (which was only fixed years later) that I spent considerable effort trying to figure out how to work around without a UA string check, and eventually gave up. It was something like: if you append #foo to the URL while the page is loading in order to jump to span id=foo, but that element has not yet loaded when you set the URL, every other browser would jump to the element when it was added to the DOM, but Gecko would not. So I checked for Gecko and set the hash again onload. I didn't want to do this for non-Gecko browsers, because it would degrade the user experience (delaying the jump until the whole page loaded). And I couldn't figure out any reasonable way to detect it without UA sniffing. Sometimes browser behavior is just not reasonably detectable other than by UA sniffing. Yes, authors should use other methods if practical, and when I was a web dev I always would, but sometimes it's just not practical. Sometimes it's not even possible. This particular example did UA sniffing from JavaScript, not HTTP headers, but it illustrates why authors do need access to this information, and always will. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
Le 27/01/2015 22:31, Chris Peterson a écrit : On 1/27/15 9:29 AM, Jonas Sicking wrote: We keep telling websites to not use the UA string, however we've so far been very bad at asking them why they use the UA string and then create better alternatives for them. Essentially many websites need to do server-side feature detection in order to determine what version of the website to serve. However we expose *very* few client capabilities in the original HTTP request to a website. Essentially only supports HTML, which clearly isn't terribly useful. Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. chris Mozilla.org uses UA sniffing to propose the right download process for Firefox to users wisiting our download pages, that seems like a legitimate use of UA sniffing to me :) Pascal ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Wed, Jan 28, 2015 at 11:51:40AM +0800, Philip Chee wrote: On 28/01/2015 01:29, Martin Thomson wrote: On Tue, Jan 27, 2015 at 2:51 AM, Daniel Stenberg dan...@haxx.se wrote: I personally think it would be wrong to do it in connection with HTTP/2 since it'll bring a bunch of unrelated breakage to be associated with the protocol bump. I'd rather we didn't for similar reasons. If we're interested in this, maybe run an experiment where Nightly offers a User-Agent of just Nightly. See how that goes. I don't expect much success unfortunately; UA detection is still in pretty wide use, and not always for the wrong reasons (you won't have to search back far on mozilla-google-discuss for an example). Pale Moon tried to do something similar. It was rather impressive how much of the web breaks when you do that. That change was backed out in haste. Simply not including Firefox can break things for Gecko-based browsers. Mike ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
Aryeh Gregor wrote: I remember one particular bug in Firefox (which was only fixed years later) that I spent considerable effort trying to figure out how to work around without a UA string check, and eventually gave up. It was something like: if you append #foo to the URL while the page is loading in order to jump to span id=foo, but that element has not yet loaded when you set the URL, every other browser would jump to the element when it was added to the DOM, but Gecko would not. (I ended up fixing this because I fixed a very similar bug with the MSDN blogs, however that case was slightly different in that they linked directly to #foo but the element was created dynamically after the DOMContentLoaded event. My fix then caused a regression whose fix then incidentally fixed Aryeh's bug, almost exactly 5 years after he filed it.) -- Warning: May contain traces of nuts. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 28/01/2015 15:25, Gervase Markham wrote: On 27/01/15 09:16, Chris Peterson wrote: btw, here is the spartan User-Agent string for Microsoft's new Spartan browser: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36 Edge/12.0 Really? http://www.nczonline.net/blog/2013/07/02/internet-explorer-11-dont-call-me-ie/ suggests that it's: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv 11.0) like Gecko Gerv That's IE11, which is not the same as Spartan. ~ Gijs ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 27/01/15 09:16, Chris Peterson wrote: btw, here is the spartan User-Agent string for Microsoft's new Spartan browser: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.71 Safari/537.36 Edge/12.0 Really? http://www.nczonline.net/blog/2013/07/02/internet-explorer-11-dont-call-me-ie/ suggests that it's: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv 11.0) like Gecko Gerv ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
btw, Le 28 janv. 2015 à 07:16, Karl Dubost kdub...@mozilla.com a écrit : We did ask. The range of reasons spreads on a very large spectrum. Technical, Commercial, Laziness, Economic constraints, etc. During the survey last year, we got answers from business people, Web developers, companies providing UA dbs, etc. The answers are summarized in this article: http://www.otsukare.info/2014/03/31/ua-detection-use-cases slightly related to this, Chris and others you might be interested. We are having in Mozilla Mountain View office a Web Compatibility Summit with participation of Google, Microsoft and others. https://wiki.mozilla.org/WebCompat_Summit_%282015%29 -- Karl Dubost, Mozilla http://www.la-grange.net/karl/moz ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 1/27/15 9:29 AM, Jonas Sicking wrote: We keep telling websites to not use the UA string, however we've so far been very bad at asking them why they use the UA string and then create better alternatives for them. Essentially many websites need to do server-side feature detection in order to determine what version of the website to serve. However we expose *very* few client capabilities in the original HTTP request to a website. Essentially only supports HTML, which clearly isn't terribly useful. Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. chris ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 27/01/2015 21:31, Chris Peterson wrote: On 1/27/15 9:29 AM, Jonas Sicking wrote: We keep telling websites to not use the UA string, however we've so far been very bad at asking them why they use the UA string and then create better alternatives for them. Essentially many websites need to do server-side feature detection in order to determine what version of the website to serve. However we expose *very* few client capabilities in the original HTTP request to a website. Essentially only supports HTML, which clearly isn't terribly useful. Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. Not so much studies as you could look at what people actually do with this, see e.g.: http://wurfl.sourceforge.net/help_doc.php which goes down to what media formats devices play, what types of OMA DRM they support, whether they support pdf, are a smart tv, etc. etc. ~ Gijs ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 1/27/15 9:29 AM, Martin Thomson wrote: On Tue, Jan 27, 2015 at 2:51 AM, Daniel Stenberg dan...@haxx.se wrote: I personally think it would be wrong to do it in connection with HTTP/2 since it'll bring a bunch of unrelated breakage to be associated with the protocol bump. I'd rather we didn't for similar reasons. That's a good point. We don't want to hamper HTTP/2 adoption because of an unrelated compatibility change. However, one could make a similar argument about Firefox and Chrome (and, for the time being, IE) tying HTTP/2 with TLS. If we're interested in this, maybe run an experiment where Nightly offers a User-Agent of just Nightly. See how that goes. I don't expect much success unfortunately; UA detection is still in pretty wide use, and not always for the wrong reasons (you won't have to search back far on mozilla-google-discuss for an example). I have used Nightly without any User-Agent header (using the Modify Headers add-on) for about a month. I have not found any major problems, but I'm sure they exist. :) chris ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
Chris, Le 28 janv. 2015 à 06:31, Chris Peterson cpeter...@mozilla.com a écrit : Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. We did ask. The range of reasons spreads on a very large spectrum. Technical, Commercial, Laziness, Economic constraints, etc. During the survey last year, we got answers from business people, Web developers, companies providing UA dbs, etc. The answers are summarized in this article: http://www.otsukare.info/2014/03/31/ua-detection-use-cases Below an extract of the use cases list: Device/Software capabilities • Send anterior version of a browser to a simpler version of the Web site. The new Web site using technologies unsupported on old browsers, the user will get a bad experience. • Block the access to an anterior version of browser and recommend the user to download a new version of the browser. • Redirect the browser to the (feature phone|smartphone|tablet|desktop|tv|wearable) Web site or provide directly content optimized for the device. • Customizing content such as the choice of video formats, the UI elements size, Ads. • Plugin and framework supports such as J2ME, DRM. • Device own material performance Network Performances • Server-side optimization of media (size and formats). Certain devices type are believed to access the Web through a type of connection. The assumption is often triggered by if it's a mobile the network bandwidth and/or latency is either bad or expensive. Technical • Blocking some abusive bots • A/B testing during feature deployments • Fallback: Once features detection has failed to be able to customize the user experience: Incomplete support of features, support not optimized for a specific feature, misleading user agent with regards to support Business • Delivering specific content (Premium, documentation, help) for certain devices • Native app: Encouraging to download the platform native app for capturing an audience • Upgrading the user agent: Proposing the right software to download when upgrading • Analytics and statistics reporting -- Karl Dubost, Mozilla http://www.la-grange.net/karl/moz ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
Chris, Le 28 janv. 2015 à 06:19, Chris Peterson cpeter...@mozilla.com a écrit : I have used Nightly without any User-Agent header (using the Modify Headers add-on) for about a month. I have not found any major problems, but I'm sure they exist. :) I have used for a while the User-Agent: FuckYeah/1.0 header for the same reasons. It breaks thing on the desktop time to time, but do not make the Web that unusable. The issue on the other hand becomes a lot stronger on mobile. Most of the time you will receive the desktop site instead of the mobile site. And most of the time, People are sending a content/CSS/JS which is tailored for a specific rendering engine. Some Google properties for example do that and basically you never receive the tier1 if you have the wrong UA. Sometimes you will just be blocked. Another issue you will encounter is that the Web is a legacy content factory. Sites disappear a lot (unfortunately), but there is a mass of them which never gets updated including their bugs or bad habits. Some sites will not work without a proper UA. The unfortunate issue is that most people don't think the site is badly implemented, they think the browser is crap because it is not working. -- Karl Dubost, Mozilla http://www.la-grange.net/karl/moz ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Tue, Jan 27, 2015 at 1:31 PM, Chris Peterson cpeter...@mozilla.com wrote: On 1/27/15 9:29 AM, Jonas Sicking wrote: We keep telling websites to not use the UA string, however we've so far been very bad at asking them why they use the UA string and then create better alternatives for them. Essentially many websites need to do server-side feature detection in order to determine what version of the website to serve. However we expose *very* few client capabilities in the original HTTP request to a website. Essentially only supports HTML, which clearly isn't terribly useful. Are there recent studies of which features servers do detect and why? I could see arguments for sharing information about mobile devices, touch support, and OS. The WURFL database is very popular. So most likely it carries the data that most websites need. Sadly it also carries a lot of other, likely unused data. Like if the browser supports iframes and/or javascript. I've heard that screen size as well as video decoding capabilities (not just ability to decode, but the ability to do so at a good framerate) have been requested for FirefoxOS partners. I've tried to reach out to facebook and a couple of other sites to find out what information that they use. However I didn't get any definitive answers and haven't had the bandwidth to hunt them down for a real answer. Definitely something that would be great if someone wanted to take on. / Jonas ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Tue, 27 Jan 2015, Chris Peterson wrote: Firefox, Chrome, and IE only support HTTP/2 over TLS, even though the spec does not require it. THe IE people have stated repeatedly that they will support it over plain TCP eventually though, it was just not done in the preview. What if browser vendors similarly agreed to never send the User-Agent header over HTTP/2? Why would browsers agree to do that and if they/we do, why would it be limited to HTTP/2 ? I personally think it would be wrong to do it in connection with HTTP/2 since it'll bring a bunch of unrelated breakage to be associated with the protocol bump. -- / daniel.haxx.se ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Tue, Jan 27, 2015 at 1:16 AM, Chris Peterson cpeter...@mozilla.com wrote: Firefox, Chrome, and IE only support HTTP/2 over TLS, even though the spec does not require it. What if browser vendors similarly agreed to never send the User-Agent header over HTTP/2? If legacy content relies on User-Agent checks, it could: * Stick with HTTP/1.1. * Use HTTP/2 connection upgrade from HTTP/1.1, grabbing the User-Agent header on the initial HTTP/1.1 connection. * Check navigator.userAgent on the client. If we can't kill the User-Agent header at this juncture, then when? :) There's still too many actually useful things that websites use the UA-string for, and for which we don't have a replacement. We keep telling websites to not use the UA string, however we've so far been very bad at asking them why they use the UA string and then create better alternatives for them. Essentially many websites need to do server-side feature detection in order to determine what version of the website to serve. However we expose *very* few client capabilities in the original HTTP request to a website. Essentially only supports HTML, which clearly isn't terribly useful. We do also send some information related to the actual network connection (like http/2 support and content-encoding support), but that's not helping the server detect what the browser can do once content has been received. The result is that servers detect client capabilities by trying to identify the UA and then look up capabilities in a server-side database. So no, I don't think that we can get rid of the UA-string. At least until we provide other information to the server about client side capabilities. / Jonas ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On Tue, Jan 27, 2015 at 2:51 AM, Daniel Stenberg dan...@haxx.se wrote: I personally think it would be wrong to do it in connection with HTTP/2 since it'll bring a bunch of unrelated breakage to be associated with the protocol bump. I'd rather we didn't for similar reasons. If we're interested in this, maybe run an experiment where Nightly offers a User-Agent of just Nightly. See how that goes. I don't expect much success unfortunately; UA detection is still in pretty wide use, and not always for the wrong reasons (you won't have to search back far on mozilla-google-discuss for an example). ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
Re: HTTP/2 and User-Agent strings?
On 28/01/2015 01:29, Martin Thomson wrote: On Tue, Jan 27, 2015 at 2:51 AM, Daniel Stenberg dan...@haxx.se wrote: I personally think it would be wrong to do it in connection with HTTP/2 since it'll bring a bunch of unrelated breakage to be associated with the protocol bump. I'd rather we didn't for similar reasons. If we're interested in this, maybe run an experiment where Nightly offers a User-Agent of just Nightly. See how that goes. I don't expect much success unfortunately; UA detection is still in pretty wide use, and not always for the wrong reasons (you won't have to search back far on mozilla-google-discuss for an example). Pale Moon tried to do something similar. It was rather impressive how much of the web breaks when you do that. That change was backed out in haste. Phil -- Philip Chee phi...@aleytys.pc.my, philip.c...@gmail.com http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform