In a way it seems like a classic trademark violation, tricking people (or their servers) into thinking your product is someone else’s. I wonder if there are actual agreements about this these days.
User agent strings aren't really seen by people so arguably there is no consumer confusion. And if you need the Mozilla user agent for compatibility it's reminiscent of https://en.wikipedia.org/wiki/Sega_v._Accolade
There's a better explanation in the last comment on the page You linked.
ISTR that Netscape used to have in it's README or INSTALL (or maybe an "about"-like menu entry) a note that the name of the browser is pronounced Mozilla while only being spelled N-E-T-S-C-A-P-E.
Google would have to pay a lot of licensing fees then...
> Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36
It is Mozilla (nope), Linux (yes, in a sense), Android (yes) AppleWebKit (not Apple and not WebKit), KHTML (nope), Gecko (nope), Chrome (yes), Mobile (yes), Safari (nope).
So maybe they owe something to Mozilla, Apple and KDE.
To be fair Blink engine started as a fork of Apple's WebKit engine. Although I wouldn't be suprised if none of the WebKit code is present on Chromium now...
And all heavy lynx users know about changing that on the fly to Mozilla for screwy websites that claim they won't work with lynx. I'm happy that I am encountering such behavior less and less over time.
Not to forget SpaceGoat/2000, my usual go-to when building something which does browser-like things. I've been using that one since before the year 2000 so maybe it is time for an upgrade to SuperSpaceGoat/2100?
My pet theory was that they wanted to stay on the next version indefinitely but Mac OS seemed to be indefinitely on version 10, and they couldn't be one behind. Funnily enough, soon after Mac OS went to version 11, Windows 11 was announced.
(realistically though, the '9x' problem does make a lot of sense)
An alternate reason that doesn’t require such stretching of credulity around one broken piece of software is that MS already had two products starting with “Windows 9” and that people were likely to confuse them, whether end users or someone updating a catalog.
Has anyone tried running a generic User-Agent on a standard modern browser? (By "generic", I mean one that does away with this whole compatibility dance.) I'm curious how much would break or degrade.
I once tried having my web browser claim to be the Google spider. It worked well and I completely forgot about it until one website soft banned me a year or two later for impersonating the Google spider. I contacted them to complain. They lifted the ban and told me the ban reason, which made me remember the experiment I never terminated.
All of the privacy stuff straight up breaks the internet these days. Try using a VPN and half the time CDNs straight up refuse to serve you the JS files so sites like supermarkets or flight booking websites load broken or show some generic forbidden error.
Blanking out the user agent would have to be pushed by either Apple, Google, or Microsoft. And out of those I feel like only Apple would do it. iCloud private relay doesn’t end up breaking websites since companies care about not degrading the experience for Apple users and make sure the site still works.
I tried doing that in the early 2010s. Even back then it didn't work (github broke for example). If you did it today, you'd likely be blocked by a lot of major websites for "lying" about your user agent. Cloudflare turnstiles will stop working, you'll get captcha'd to death, and so on.
Even tor-browser doesn't dare to modify the user agent string in any major way. It's almost impossible to lie about because trackers don't actually care about your user agent. They're identifying your device/OS through side channels (canvas, webgl, fonts, etc).
Wrt/ Tor browser, it's not that they don't dare to, it's that they don't want to. One of the goals of that browser is to not stick out too much, and changing the user agent would do just that, so they don't do it.
Ironically Cloudflare blocks the real Mozilla derived browser on this Linux phone, so I can't access SO anymore. (Turnstile was broken a long time. It finally got fixed half a year ago. Now I note it does not even come up any more, just a static message that I should throw away my phone^W^W^W^W upgrade my browser. No idea whether Cloudflare or SO is to blame.)
No surprise, CF is in bed with Big Browser. There are workarounds but I won't go into detail here since "the walls have ears"; suffice to say that the "bot" scraping companies still have no trouble getting around it.
> A better question is why it was never fixed / renamed to proper names.
Because the reason it is the way it is in the first place is compatibility with sites that are doing things objectively wrong already, which makes it really hard to get them to change.
The problem is that poorly designed systems limit access or disable features based on a user-agent allowlist, which is never the right answer. There is no right way to do it because it's always wrong, but people choose to do it anyways.
I'm personally a fan of treating broken sites as broken, but I understand that realistically any "alternative" browser has to deal with all the broken sites designed for whatever came before it because otherwise most normal users won't consider switching.
If I were made King of the Internet for a day and able to enforce any changes I wanted on everyone, all the major browsers would have to change their user-agent string to something totally unique on the same day, intentionally breaking any sites that are doing it wrong for everyone so the broken sites are forced to fix their own nonsense. That'd come maybe two or three decrees down the line from "All ISPs are required to provide a globally routable IPv6 block in accordance with RFC 6177, providing only CGN IPv4 is a capital offense".
Personally I’d get rid of the user agent entirely. Stop sending it and let sites query available features rather than check the specific browser version.
When my site says Best viewed in Netscape, I mean Netscape Navigator. The rest of the world may have moved on, but static HTML 3.2 with the blink tag is forever.
To avoid breaking stuff basically, easier to have ugly UA strings than persuade every site that does weird UA parsing to fix themselves.
The main exception to this was Opera back when it had its own engine, which did use Opera at the start of its fairly clean default UA string. Then when they reached version 10 they had to make the primary version 9 with a second real version later in the string as sites couldn’t cope with two digit version numbers…
I miss Opera. It's a damn shame that it was so badly mismanaged, and ultimately sold off to investors, which further buried it into irrelevance. It now survives on gaming-oriented gimmicks and shady promotions. I hear that Vivaldi is supposed to be a continuation of it, but from what I've seen it's just another Chromium clone with a closed-source UI, without any distinguishing features.
Opera in the late 90s / early 2000s was excellent. It was lightweight and snappy. Among the first to support tabs. The Presto engine was the most performant on machines of the era. The trialware/adware was annoying, but the browser was solid. The built-in email client was decent as well.
In 2009 they launched a very interesting web server / sharing feature with Opera Unite, which unfortunately didn't gain traction.
Opera Mini was the best mobile browser for a few years as well, before smartphones took off.
Possibly, but it wouldn't be the first time that people took a field that was supposed to be an originator name and made it something else entirely.
There's a field in the Volume Boot Record of disc volumes, in the PC compatible world, that was supposed to be the name of the OEM whose software formatted the volume. It was (and is) a few bytes of identifying human-readable text. Operating systems ended up doing string comparisons and parsing numbers, and breaking in odd ways, including not even recognizing their own handiwork, when operating system vendors did not use the name of the first vendor.
It has probably been long enough since MS-DOS 3.3 and in turn the Browser Wars that someone is right now failing to learn from history and making this mistake anew, yet again, somewhere.
Probably because now if you come with a different User-Agent you might get blocked by a WAF or a load balancer. Too much history to just forget overnight.
Readit News
The post popular answer includes: History of the browser user-agent string related discussions:
2022 (87 points, 20 comments) https://news.ycombinator.com/item?id=31246438
2019 (62 points, 22 comments) https://news.ycombinator.com/item?id=21085388
2018 (558 points, 168 comments) https://news.ycombinator.com/item?id=16525559
2013 (100 points, 32 comments) https://news.ycombinator.com/item?id=6674812
Also, I doubt tricking servers would indicate creating consumer confusion with the trademark.
ISTR that Netscape used to have in it's README or INSTALL (or maybe an "about"-like menu entry) a note that the name of the browser is pronounced Mozilla while only being spelled N-E-T-S-C-A-P-E.
I have been omitting it for decades with great results.
> Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Mobile Safari/537.36
It is Mozilla (nope), Linux (yes, in a sense), Android (yes) AppleWebKit (not Apple and not WebKit), KHTML (nope), Gecko (nope), Chrome (yes), Mobile (yes), Safari (nope).
So maybe they owe something to Mozilla, Apple and KDE.
[1]: https://www.pcworld.com/article/435584/why-windows-10-isnt-n...
(realistically though, the '9x' problem does make a lot of sense)
Now Apple has the year in the OS version we'll have people wondering in a few years what happened to iOS 19-25.
Dead Comment
Dead Comment
It did keep the version at 9.80, presumably because >=10 must have caused problems somewhere.
Blanking out the user agent would have to be pushed by either Apple, Google, or Microsoft. And out of those I feel like only Apple would do it. iCloud private relay doesn’t end up breaking websites since companies care about not degrading the experience for Apple users and make sure the site still works.
Even tor-browser doesn't dare to modify the user agent string in any major way. It's almost impossible to lie about because trackers don't actually care about your user agent. They're identifying your device/OS through side channels (canvas, webgl, fonts, etc).
why haven't we deprecated this junk
Because the reason it is the way it is in the first place is compatibility with sites that are doing things objectively wrong already, which makes it really hard to get them to change.
The problem is that poorly designed systems limit access or disable features based on a user-agent allowlist, which is never the right answer. There is no right way to do it because it's always wrong, but people choose to do it anyways.
I'm personally a fan of treating broken sites as broken, but I understand that realistically any "alternative" browser has to deal with all the broken sites designed for whatever came before it because otherwise most normal users won't consider switching.
If I were made King of the Internet for a day and able to enforce any changes I wanted on everyone, all the major browsers would have to change their user-agent string to something totally unique on the same day, intentionally breaking any sites that are doing it wrong for everyone so the broken sites are forced to fix their own nonsense. That'd come maybe two or three decrees down the line from "All ISPs are required to provide a globally routable IPv6 block in accordance with RFC 6177, providing only CGN IPv4 is a capital offense".
The main exception to this was Opera back when it had its own engine, which did use Opera at the start of its fairly clean default UA string. Then when they reached version 10 they had to make the primary version 9 with a second real version later in the string as sites couldn’t cope with two digit version numbers…
Opera in the late 90s / early 2000s was excellent. It was lightweight and snappy. Among the first to support tabs. The Presto engine was the most performant on machines of the era. The trialware/adware was annoying, but the browser was solid. The built-in email client was decent as well.
In 2009 they launched a very interesting web server / sharing feature with Opera Unite, which unfortunately didn't gain traction.
Opera Mini was the best mobile browser for a few years as well, before smartphones took off.
There's a field in the Volume Boot Record of disc volumes, in the PC compatible world, that was supposed to be the name of the OEM whose software formatted the volume. It was (and is) a few bytes of identifying human-readable text. Operating systems ended up doing string comparisons and parsing numbers, and breaking in odd ways, including not even recognizing their own handiwork, when operating system vendors did not use the name of the first vendor.
* https://jdebp.uk/FGA/volume-boot-block-oem-name-field.html
It has probably been long enough since MS-DOS 3.3 and in turn the Browser Wars that someone is right now failing to learn from history and making this mistake anew, yet again, somewhere.