Let me join the chorus of people out there in the developer community who have been saying to other website developers for years: ‘don’t use a browser’s user-agent to customize your site’! Why? Because if you look on my PC tools page, you’ll notice I use a web proxy. And using that proxy I can hide or alter anything about a web request I want, including what browser you think I have. Plus half the sniffing out there resuls in incorrect decisions. Alot of sites think, for example, that Opera can’t handle alot of things it does, and sometimes you get the ‘upgrade your browser’ page, as they only look at user-agent. But if they’d have just verified via JavaScript…

Now I don’t fault anyone still doing this out of not knowing an alternative, parsing the user-agent string, because that’s where I started way back when. But looking back I realize doing functionality tests via JavaScript is still the better method of ‘sniffing’ one’s browser. E.g., check to see if it supports document.all, not if ‘MSIE’ is in its user-agent. That way your site functions properly for everyone…

The next, more interesting question, though, is what to do on server-side? How do I know, e.g., what stylesheet to serve up? .NET’s built-in browser capability detection uses the method I just blew holes in. But by using a Session var and doing a quick redirect upon a session’s first request, to do a Javascript check, your code could then make the right decision.

BTW, for any proxy users out there who need to circumvent the sniffers, a nice list of user-agents can be found here.