curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Freezing the User-Agent header

From: Daniel Stenberg via curl-library <curl-library_at_cool.haxx.se>
Date: Mon, 24 Feb 2020 21:04:59 +0100 (CET)

On Mon, 24 Feb 2020, Tim Rühsen via curl-library wrote:

> as freezing the User-Agent header is currently a thing, I would like to ask
> the curl community about their opinions.
>
> The reason for freezing is to reveal less privacy data and make
> fingerprinting harder.

Those are part of the reasons we reduced the curl user-agent many years ago
[1]. I don't think we're in the same situation as the crazy headers of the
browsers. The curl user-agent header as of right now is a very small privacy
leak.

But also, I don't think the version number in the header is very useful other
than in a subset of debugging cases so I wouldn't be upset if we would remove
that as well...

I've not personally planned on reducing it further. Also note that libcurl
itself has no default user-agent header at all.

> Omitting User-Agent is not an issue as random web sites use User-Agent
> sniffing (often in wrong ways, but that is a different issue).

The entire idea of this freeze is primarily a browser concept since they want
to offer users APIs and other ways to get the info that sites currently are
trying to figure out by sniffing the user-agent. Other HTTP clients will not
be able to offer those APIs as easily and neither do we use the browsers'
crazy user-agent headers.

[1] = https://daniel.haxx.se/blog/2012/05/12/shorter-http-requests-for-curl/

-- 
  / daniel.haxx.se | Commercial curl support up to 24x7 is available!
                   | Private help, bug fixes, support, ports, new features
                   | https://www.wolfssl.com/contact/

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-02-24