5 Reasons Why Browser Sniffing Stinks

    Craig Buckler

    Browser sniffingBrowser sniffing is the act of detecting the web browser a visitor is using in order to serve version-specific pages, scripts, images, or other content. The technique was popular around 10 years ago because Microsoft and Netscape introduced their own technologies and web standards were in their infancy. In those dark days, it was fairly common to write two or more client-side scripts to implement identical functionality in different browsers.

    Fortunately, the web has progressed. There is rarely a need to fork code for different devices, but Opera’s recent experience with version 10 indicates that browser sniffing remains a commonplace technique.

    Technically, browser sniffing appears to be relatively straightforward. You obtain a user agent string using navigator.userAgent in JavaScript or the HTTP_USER_AGENT environment variable on the server and parse it accordingly. However, do not be complacent; browser sniffing should not be used!

    1. String parsing is tough

    User agent strings do not conform to specific patterns, for example:

    • IE8: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1;
    • Firefox 3: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv: Gecko/2009042316 Firefox/3.0.10
    • Opera 9: Opera/9.64 (Windows NT 6.0; U; en) Presto/2.1.1

    The browser, version, rendering engine, OS, language, and information about media players and .NET frameworks can all be passed in various ways. Testing every combination is impossible; Opera 10 reports version 9.8 because some sniffers mistakenly believe it’s version 1.

    2. There are many browsers to handle

    Ten years ago, there were only three major browsers with one or two significant versions of each. Today, there are at least five mainstream browsers all with multiple versions running on different platforms. Ensuring you only target the right browser at the right time without affecting others is not easy.

    3. Reduced scalability and increased maintenance

    Different sets of code for different devices is harder to maintain and can never be future-proofed. In addition, your code could break every time a new browser or version is released. That is occurring increasingly often.

    4. Browser masquerading

    For many years, Opera pretended to be Internet Explorer by passing that browser’s user agent. This helped Opera users visit sites which normally refused non-IE browsers. It can still be done today.

    5. It’s rarely required

    Web standards have made browser sniffing far less necessary on the server side, unless you happen to be implementing a browser statistics application.

    JavaScript does have several cross-browser compatibility issues, but object detection is normally a better solution. For example, IE7 and below do not have native support for XMLHttpRequest, the object essential for Ajax requests. However, an identical ActiveX object can be used instead – most libraries implement code such as:

    var xhr = (window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));

    A possible exception could be progressive enhancement aimed at specific browsers. For example, to support 24-bit PNGs in IE5.5 and IE6, browser sniffing could be used so images are only replaced if necessary. However, that is a workaround which will ultimately be removed once people stop using those browsers.

    Cross-browser CSS is also possible – yes, even in IE6. Conditional stylesheets can help in extreme cases, although I personally avoid them because it still feels too much like browser sniffing!

    See also: Why Opera 10’s User Agent Smells Bad

    Do you avoid browser sniffing? Are there any situations when it’s essential?