5 Reasons Why Browser Sniffing Stinks

Share this article

Browser sniffing
Browser sniffing is the act of detecting the web browser a visitor is using in order to serve version-specific pages, scripts, images, or other content. The technique was popular around 10 years ago because Microsoft and Netscape introduced their own technologies and web standards were in their infancy. In those dark days, it was fairly common to write two or more client-side scripts to implement identical functionality in different browsers. Fortunately, the web has progressed. There is rarely a need to fork code for different devices, but Opera’s recent experience with version 10 indicates that browser sniffing remains a commonplace technique. Technically, browser sniffing appears to be relatively straightforward. You obtain a user agent string using navigator.userAgent in JavaScript or the HTTP_USER_AGENT environment variable on the server and parse it accordingly. However, do not be complacent; browser sniffing should not be used!

1. String parsing is tough

User agent strings do not conform to specific patterns, for example:
  • IE8: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; SLCC1;
  • Firefox 3: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv: Gecko/2009042316 Firefox/3.0.10
  • Opera 9: Opera/9.64 (Windows NT 6.0; U; en) Presto/2.1.1
The browser, version, rendering engine, OS, language, and information about media players and .NET frameworks can all be passed in various ways. Testing every combination is impossible; Opera 10 reports version 9.8 because some sniffers mistakenly believe it’s version 1.

2. There are many browsers to handle

Ten years ago, there were only three major browsers with one or two significant versions of each. Today, there are at least five mainstream browsers all with multiple versions running on different platforms. Ensuring you only target the right browser at the right time without affecting others is not easy.

3. Reduced scalability and increased maintenance

Different sets of code for different devices is harder to maintain and can never be future-proofed. In addition, your code could break every time a new browser or version is released. That is occurring increasingly often.

4. Browser masquerading

For many years, Opera pretended to be Internet Explorer by passing that browser’s user agent. This helped Opera users visit sites which normally refused non-IE browsers. It can still be done today.

5. It’s rarely required

Web standards have made browser sniffing far less necessary on the server side, unless you happen to be implementing a browser statistics application. JavaScript does have several cross-browser compatibility issues, but object detection is normally a better solution. For example, IE7 and below do not have native support for XMLHttpRequest, the object essential for Ajax requests. However, an identical ActiveX object can be used instead – most libraries implement code such as:

var xhr = (window.XMLHttpRequest ? new XMLHttpRequest() : new ActiveXObject("Microsoft.XMLHTTP"));
A possible exception could be progressive enhancement aimed at specific browsers. For example, to support 24-bit PNGs in IE5.5 and IE6, browser sniffing could be used so images are only replaced if necessary. However, that is a workaround which will ultimately be removed once people stop using those browsers. Cross-browser CSS is also possible – yes, even in IE6. Conditional stylesheets can help in extreme cases, although I personally avoid them because it still feels too much like browser sniffing! See also: Why Opera 10’s User Agent Smells Bad Do you avoid browser sniffing? Are there any situations when it’s essential?

Frequently Asked Questions about Browser Sniffing

What is browser sniffing and why is it used?

Browser sniffing, also known as user agent sniffing, is a technique used by web developers to deliver different content or functionality based on the user’s browser type and version. This is done by examining the user agent string that the browser sends as part of the HTTP request. The primary reason for using browser sniffing is to ensure compatibility and provide a seamless user experience across different browsers.

Why is browser sniffing considered a bad practice?

Browser sniffing is generally considered a bad practice due to its unreliability and potential for misuse. User agent strings can be easily manipulated or spoofed, leading to incorrect detection. Moreover, it promotes browser-specific coding, which goes against the principle of progressive enhancement and graceful degradation in web development.

What are the alternatives to browser sniffing?

Feature detection is a recommended alternative to browser sniffing. Instead of checking the browser type and version, feature detection checks if a certain feature is supported by the browser. This approach is more reliable and future-proof as it focuses on capabilities rather than identities.

How can I implement feature detection?

Feature detection can be implemented using JavaScript libraries such as Modernizr. These libraries provide a simple API to check if a certain feature is supported by the browser. You can then use this information to conditionally load scripts or apply styles based on the supported features.

What is the impact of browser sniffing on SEO?

Browser sniffing can potentially impact SEO if it leads to different content being served to different browsers. Search engines may perceive this as cloaking, a deceptive practice of showing different content to search engines and users, which can result in penalties.

How can I detect if a website is using browser sniffing?

You can inspect the HTTP headers of the website using developer tools in your browser. If the website is using browser sniffing, you may see the user agent string being examined in the server-side scripts.

Can browser sniffing be used for mobile device detection?

Yes, browser sniffing can be used for mobile device detection. However, it suffers from the same issues of unreliability and potential misuse. A better approach would be to use responsive web design techniques to ensure compatibility across different devices.

What is the future of browser sniffing?

With the increasing standardization of web technologies and the shift towards feature detection, the use of browser sniffing is expected to decline. However, it may still be used in certain cases for troubleshooting or analytics purposes.

How does browser sniffing affect user privacy?

Browser sniffing can potentially infringe on user privacy as it collects information about the user’s browser and device. However, this information is generally not personally identifiable unless combined with other tracking techniques.

Can I disable browser sniffing?

As a user, you cannot directly disable browser sniffing as it is implemented on the server side. However, you can use privacy tools or settings in your browser to limit the information that is sent in the user agent string.

Craig BucklerCraig Buckler
View Author

Craig is a freelance UK web consultant who built his first page for IE2.0 in 1995. Since that time he's been advocating standards, accessibility, and best-practice HTML5 techniques. He's created enterprise specifications, websites and online applications for companies and organisations including the UK Parliament, the European Parliament, the Department of Energy & Climate Change, Microsoft, and more. He's written more than 1,000 articles for SitePoint and you can find him @craigbuckler.

Share this article
Read Next
Get the freshest news and resources for developers, designers and digital creators in your inbox each week
Loading form