On Sun, 9 Jan 2005, Jan-Jaap van der Geer wrote:
> It should work now. The useragent "Netsurf" was
> it appeared not to be a "real" useragent.
By what mark was he making that decision, I wonder. "NetSurf" is a
perfectly valid user agent, as far as RFC2616 is concerned. I won't
bother quoting it here, but sections 3.8 and 14.43 are the applicable
> Any idea why the developer of this browser would not indicate
> version, etc.?
As there's no requirement to do so. Version number is not required by the
spec and, as NetSurf has no version number at present, one isn't used in
the User-Agent header.
[The reason why this is blocked appears to be to stop automatic
processes accessing the page, so that only browsers can access it.
Wether this is the way to do that, I have no idea... I generally
don't like websites checking the browser for whatever reason, but
in this case it might be legitimate?]
Not in the least. Sniffing the User-Agent header and basing anything on
the information (other than 'x number of pages have been served to user
agent y since date z") is bad practice (although allowable by the
spec). Certainly blocking access to a user agent because you don't
recognise it is just silly (as it prevents users of as-yet undeveloped
user agents accessing the site).
2. Even this breaks, due to user-agent faking.