Browser sniffing
Browser sniffing (also known as browser detection) is a set of techniques used in websites and web applications in order to determine the web browser a visitor is using, and to serve browser-appropriate content to the visitor. This practice is sometimes used to circumvent incompatibilities between browsers due to misinterpretation of HTML, Cascading Style Sheets (CSS), or the Document Object Model (DOM). While the World Wide Web Consortium maintains up-to-date central versions of some of the most important Web standards in the form of recommendations, in practice no software developer has designed a browser which adheres exactly to these standards; implementation of other standards and protocols, such as SVG and XMLHttpRequest, varies as well. As a result, different browsers display the same page differently, and so browser sniffing was developed to detect the web browser in order to help ensure consistent display of content.
It is also used to detect mobile browsers and send them mobile-optimized websites.
Sniffer methods
Client-side sniffing
- see also User agent#User agent sniffing
Web pages can use programming languages such as JavaScript which are interpreted by the user agent, with results sent to the web server. For example:
var isIE = (window.ActiveXObject != undefined);
this.isIEBrowser = false;
if (window.ActiveXObject){
this.isIEBrowser = true;
}
This code is run by the client computer, and the results are used by other code to make necessary adjustments on client-side. In this example, the client computer is asked to determine whether the browser can use a feature called ActiveX. Since this feature was proprietary to Microsoft, a positive result will indicate that the client may be running Microsoft's Internet Explorer. This is no longer a reliable indicator since Microsoft's open-source release of the ActiveX code, however, meaning that it can be used by any browser.
Standard Browser detection method
The web server communicates with the client using a communication protocol known as HTTP, or Hypertext Transfer Protocol, which specifies that the client send the server information about the browser being used to view the web site in a user agent string.
Server-side sniffing
Extensive browser techniques enable persistent user tracking even when users try to stay pseudonymous. See device fingerprint for more details on browser fingerprinting, a relatively new, extensive browser sniffing on steroids technique.
Issues and standards
Many websites use browser sniffing to determine whether a visitor's browser is unable to use certain features (such as Javascript, DHTML, ActiveX, or cascading style sheets), and display an error page if a certain browser is not used. However, it is virtually impossible to account for the tremendous variety of browsers available to users. Generally, a web designer using browser sniffing to determine what kind of page to present will test for the three or four most popular browsers, and provide content tailored to each of these. If a user is employing a user agent not tested for, there is no guarantee that a usable page will be served; thus, the user may be forced either to change browsers or to avoid the page. The World Wide Web Consortium, which sets standards for the construction of web pages, recommends that web sites be designed in accordance with its standards, and be arranged to "fail gracefully" when presented to a browser which cannot deal with a particular standard.
See also
- Computer Programming
- HTTP
- Web browser
- Document Object Model
- Feature detection (web development) ("Browser sniffing" synonym in some contexts)
- Local shared objects (LSOs), commonly called Flash cookies (due to their similarities with HTTP cookies).
- A zombie cookie is any HTTP cookie that is recreated after deletion, such as by Evercookie.
- User agent
- Web standards
- Content sniffing