Revisiting browser sniffing, and how to bypass it
Published July 21st, 2006 1:19 PM EDT By Daniel GoldmanI had a long talk with David Storey, the Chief Web Opener at Opera Software. David is in charge of the Opera team working on contacting and fixing sites that have Opera compatibility issues.
The site compatibility problem is probably the most important issue facing Opera. I’ve noticed that over the past year Opera has put great effort in correcting this problem.
I’ve asked David to write an article for Opera Watch detailing life as a ‘Web Opener’. He does a lot of good work that we all benefit from. I thought it would be nice if he’d talk about Opera’s efforts to combat site compatibility. He hasn’t committed yet.
Over the course of our conversation I mentioned to him a couple of sites that I visit monthly which don’t work in the Opera browser. I can’t login to my Sprint and student loan (acs-education.com) accounts to pay my bills. Both of these sites, upon entering my username and password, display a mostly blank page.
The Sprint page has a weird and seemingly random message “There is no content available. Please check if there is content defined for the markup of your client device.” under the header “It’s party time: Food and drink ideas”
These were the only two sites that forced me to use another browser, in my case Firefox, on a regular basis. Opera 9 has definitely fixed most of the browser compatibility issues.
But not all, however.
A while ago I called Sprint to let them know about the problem with their site and the Opera browser. I spoke with their (seemingly incompetent) IT department for about half an hour. After being transferred 5 times, and getting nowhere, I gave up.
David and I tried to debug and locate the problem for these two sites.
He mentioned that one challenge Opera faces is that many of these don’t give Opera test accounts, since Opera is too small for them to even care. As a result Opera can’t thoroughly test their sites in the browser.
I initially tried spoofing the browser as Mozilla and Internet Explorer (IE) for sprint.com, but that didn’t work, until I noticed my problem. I had spoofed as Mozilla for sprint.com, which is the login page for my account, however I failed to spoof the redirect page as well. Upon logging in to my account, I get redirected to manage.sprintpcs.com. There lied my problem. Spoofing sprintpcs.com as Mozilla made it all worked just fine.
After successfully fixing the Sprint problem, I tried spoofing my student loan’s website too, and that fixed the problem as well.
Recently Opera’s Hallvord Steen wrote about how Opera handles site compatibility issues.
Browser sniffing has been a big problem for alternative browsers for quite some time already, and although the problem has significantly been diminished, it’s still standard practice by some ignorant web developers.
Browser Sniffing Background
Just a little background on browser sniffing. When you type an address (URL) in your browser, the browser will send a message to the website’s server identifying which browser it is using (called the browser User Agent or UA).
Blocking alternative browser users was very common until recently. To combat the problem Opera was faced with, it spoofed itself as IE, and thus allowed users of the Opera browser to visits those sites. As of Opera 9, Opera doesn’t spoof itself by default.
How to combat browser sniffing
There are two methods of spoofing the browser’s identification:
- Spoofing as another browser, but still identifying itself as Opera.
- Masking as another browser totally.
Most of the time spoofing alone will help sites from blocking Opera visitors, but at times that’s not enough. In those cases masking is what does the trick. Masking prevents those websites from detecting Opera altogether.
Why some websites sniff browsers?
The are three categories of browser sniffing:
- Some sites make use of certain technologies that aren’t supported by the Opera browser. An example would be Microsoft’s ActiveX technology, where Opera, Firefox, and most other browsers don’t support, since it’s considered a big security risk. These sites would sniff for Opera visitors, and block them from using their sites. Spoofing or masking as another browser wouldn’t help in this case, since Opera wouldn’t work either way. Another example is Google, which we’re unfortunately all too famillar with.
- Sites like Sprint and acs-education.com, sniff for the Opera browser, for what seems to be no reason what so ever. Their sites work perfectly in Opera; however, they still block non-Mozilla and Internet Explorer (IE) users. They don’t block Opera directly, which is why spoofing works.
- There are sites that take it one step further than Sprint. Sites like bellsouth.com and cvs.com, intentionally block Opera users, again for no reason. Spoofing as another browser doesn’t help at all; masking is the only option. cvs.com has told Opera for quite some time already that they’ll fix it, but we’re still waiting.
How to spoof/mask?
With Opera 9 you now have the ability to spoof and mask on a site-by-site basis. You simply right click on the page (or by hitting F12), click on ‘Edit site preferences’, under the ‘Network’ tab you will see options for browser identifications. The default now (as of Opera 9) is “Identify as Opera”. To spoof as Mozilla or IE, select “Identify as Mozilla” or “Identify as Internet Explorer”, respectively.
To completely hide the fact that you’re using the Opera browser, you need to ‘mask’. To mask select either “Mask as Mozilla” or “Mask as Internet Explorer”.
Things to consider when spoofing/masking
- If you need to spoof or mask Opera, try by spoofing and masking as Mozilla first, since Opera renders closer to Mozilla than IE.
- Always try spoofing first. Masking should be a last resort option. Since masking hides Opera identity altogether, Opera won’t show up in the website’s statistics, and thus won’t be compelled to support Opera.
What Opera does about browser sniffing
In some cases Opera spoofs and masks its identity for you. Opera maintains a list of sites that block the Opera browser for no apparent reason. For these sites Opera spoofs or masks as another browser without any user intervention. This list is automatically downloaded and updated in your browser each week.
How to notify Opera about offending sites?
- To report sites that block the Opera browser to Opera, in the menu bar go to Help and click on ‘Report a site problem’.
- Submit a bug report to Opera at bugs.opera.com/wizard
Be vocal
As always, it helps if you contact the offending websites directly. Do yourself and the Opera community a favor.
using
I do regularly report offending sites. But I am curious to know what exactly happens after a site is reported. I remember that in v8.xx opera had included browserjs, to fix compatibility issues with various sites. How extensively is it being used by Opera’s Open the Web team?
using
Pallab, hopefully David can clear that up in his article
using
I don’t spoof, and I certainly don’t mask. If a site doesn’t work, I take a look at the site’s code and try to fix it with UserJS - that way you can be sure that Opera will appear in the site’s visitors statistics. If it’s not possible to fix the problem that way, I simply don’t visit the site. This way I hope to contribute to “Opera awareness” among webmasters.
I’m glad I don’t need to do this very often, but unfortunately I’ve seen too many examples of unnecessary sniffers…
using
So What’s the point in blocking ?
Why do the extra work of blocking out Opera while the site works ?
Why not just leave it as it is ?
using
I think you meant browser sniffing there.
using
Often, its actually extra work to get sites working with Opera. Thats because most ameteur webmasters like me take ready made js etc and implement it in their website. However, often its these scripts which are at fault. So the webmaster ends up discriminating against Opera without wanting to do it specifically.
using
I’m looking forward to David’s article
Maybe I’ll repost this there…
Perhaps one day, Opera will have a service that allows troubleshooting bad sites, sort of like a knowledge base. For example, let’s say I go to random.site.com, and it blocks Opera. Upon clicking Help/Report a site problem, Opera will contact the service and fetch a description that states something like the following:
* Known issue
* Blocks Opera intentionally
* Webmasters don’t respond to error reports
* Working solution: Identify as IE
* Working solution: Mask as Mozilla
* Working solution: Mask as IE
Or, perhaps,
* Unknown issue, please submit a report
* Try Identifying or Masking as Mozilla/IE
Maybe even…
* Known issue
* Site will be fixed by webmasters soon
* Temporary solution: Mask as Mozilla
* Temporary solution: Mask as IE
The Help button in the Report… dialog could then display instructions on how to perform spoofing/masking. (While we’re at it, Opera, PLEASE include a local help file!)
Maybe even a touch of magic - the Mask/Identify text could be links which would automagically change Opera’s settings, reload the page, and pop up a dialog asking “Did the change solve your problem?” - if Yes, all is well, if No, send a bug report.
using
Pallab thanks, but I meant for sites that work.
using
Frenzie, thanks for the correction.
using
I’m repeatedly put down by my bank’s internet banking portal. Even the title/login page (https://ebssl.unibanka.sk/) would not display in Opera 9. It all worked just fine in Opera 8, however. It works fine in FF. In Opera 9, just an error message is displayed. In this case, you cannot enter the “site specific prefferences” menu, so I can’t figure out if spoofing would help.
using
Well said blah. The only other thing that Opera might need to mask is the actual operating system. On Ebay, it disables some pages when I’m using Linux Opera, but on Opera for Windows (and Mac, as I presume from Ebay’s help pages claiming Opera 7 onward is supported) it works fine. Is this discrimination on operating systems aswell as browsers?