[thelist] Is server-side browser-sniffing a bad idea?

Angie Ahl angie at vertebrate.co.uk
Thu Dec 6 17:05:02 CST 2001 

Ok

a few questions come to mind over this.

First I have witnessed this proxying the wrong version myself, and 
with my own sites, but since I started doing dynamically driven sites 
with a sessionID style of working I've not seen it.

This is presumably because the search arguments are changing each 
time (the session id is different for each user) so the proxy cannot 
conclude that it is the same url as before.

However. Cookies don't change the url (the header, but not the url), 
and yet I've noticed that I've not seen this problem with cookie 
driven sites either. Which leads me to believe that any change to the 
URL or header will force the request to go all the way to the server 
and not get intercepted/stored by the proxy.

However I'd like to be certain how things work as I rely heavily on 
server side conclusions based on client type (user agent) info, 
although never too heavily, but something else lurks in the back of 
my now slightly concerned tired mind.....

I've done loads of dynamic sites now. too many to count, and I've 
never ever heard of 2 users getting the same orderid on a site.

EG:

1. Angie goes to www.evoltshop.dom and adds an item to her cart.
www.evoltshop.dom/addtocart.html?addProdID=1

2. The proxy intercepts this and stores a copy of the response 
page,called say addtocart.html
  Note: At this point no order ID has been assigned so the url is not 
yet dynamic.

3. Tommy also goes to amazon through the same proxy and adds the same 
item to his new cart.
Again the url is
www.evoltshop.dom/addtocart.html?addProdID=1

Except surely this should cause a nightmare waiting to go off, as the 
proxy would see the same url and deliver the same page Angie got, 
with all the url's containing her shopping cartID, therefore giving 
the same cart (orderid) to 2 users, Bang here comes the nightmare.

I've never had this happen, So I'm a little baffled as to when a 
proxy steps in and doesn't.

Thoughts peops?

Angie



>  > From: Ben Gustafson <ben_gustafson at lionbridge.com>
>[...]
>>  I'm not sure if I follow how web caching would alter the HTTP User
>>  Agent string that a browser sends to the Web server. Do all clients
>>  connecting via a proxy server identify themselves as the first browser
>>  that requested the page they are requesting?
>
>no, it doesn't alter the string... this scenario:
>
>1. NN user goes to foo.com...
>2. proxy intercepts request, sends request to foo.com...
>3. foo.com responds with NN-specific code...
>4. proxy caches page, passes to NN user...
>5. IE user goes to foo.com...
>6. proxy intercepts request, hands back cached version...
>7. IE user gets code error, because it was NN page...
>
>is that any clearer?
>
>
>---------------------------------------
>For unsubscribe and other options, including
>the Tip Harvester and archive of TheList go to:
>http://lists.evolt.org Workers of the Web, evolt !

More information about the thelist mailing list