Browser Masquerading   by Eugene Reimer, 2008-Jan22

Today I tried to get information from Canada-Post's website (the secure portion thereof) and was told that none of my browsers is supported -- not a single browser that runs on Linux is supported!  I am mad as hell and wondering what I'll do about it.  First, I decided to get serious about configuring my browsers to pretend they are the latest thing from Microsoft, and that they're running on the Windows operating-system. 

Not that I like doing things this way... 

Designing a website to detect which browser is being used, and then refuse to operate with any but a few select versions, is a dumb idea.  Its being a bad idea is so obvious, that I have very little hope of converting any of those so wrongheaded as to do it.  That's not the purpose of this article in any event.  I will deal with how to get around it, explain why I'm reluctant to do so, and will make a plea to browser-designers for better work-around solutions to this wrongheadedness we encounter on sites such as CanadaPost.CA.

How Browsers Identify Themselves:

Browsers send an identifying string known as the User-Agent string, and this is what we alter to pretend our browser is something other than it is.  Choosing which browser to pretend to be is fairly easy.  Since no website designer, wrongheaded or not, will ignore a browser having 50% market-share, we'll always pretend to be using Microsoft-IE on Windows.  The only tough part is deciding whether to be the latest version, or the 2nd latest.  Most of the time we'll be best off by pretending to be using the 2nd latest, since for one thing, it takes some time for a wrongheaded web-person to do the updating and testing for a new version.  As of this writing, two appropriate User-Agent strings are:

Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
where NT-5.1 indicates Windows-XP; NT-6.0 indicates Windows-Vista;  these are from Microsoft's own info on User-Agent strings at msdn.microsoft.com/en-us/library/ms537503(VS.85).aspx.

Incidentally, sources reporting MSIE being used by 90% of all web-surfers are surely over-reporting the popularity of that browser.  Since the rest of us are often forced to pretend to be using that browser, and since many of us are unwilling to be forever fussing with the turning-on and the turning-off, there is no way of knowing how many are really using that browser, and how many are merely pretending to be.  The day may come when none of us are using it, and yet the stats show that all of us are:-)

Info about Your Browser:


Browser Features Needed:

We (unfortunately) need the ability to pretend to be using a browser other than what we are, and an operating-system other than what we are.  We wish to minimize the distorting effect such masquerading will have on browser-usage stats, and we wish also to minimize problems with sites that use the browser-identity in sensible ways;  ergo, we need the ability to easily turn this on and off, in a way that is remembered -- so that once I've determined, for example, that for Canada-Post my User-Agent string needs to indicate MSIE-on-Windows, then that will be done on future visits with no further action on my part.

Opera has almost everything that is needed.  It allows per-site settings for masquerading; it offers two levels of pretense, but IMHO once one encounters a wrongheaded website then one wants the more complete kind, which is the "Mask-as" kind.  See www.opera.com/support/search/view/570, and help.opera.com/Linux/9.22/en/network.html for the details.  With the "Mask-as" kind, it is willing to masquerade the operating-system part of the User-Agent string, to indicate Windows-NT.  (Saying it is MSIE on Linux would be just too obvious a lie (smile); that is what it says for "Identify-as", but for "Mask-as" it lies more convincingly:-)

Note that we need yet other browser features.  Presently different browsers provide different "DOM" models, allowing those wrong-headed ones who wish to do "browser sniffing" additional ways of determining a browser's identity.  So for Opera to successfully masquerade as IE it needs to provide an IE-like "DOM".  And that's asking rather a lot.

The HOW-TO

For Firefox, see www.ericgiguere.com/articles/masquerading-your-browser.html

For Opera, see www.ericgiguere.com/articles/masquerading-your-browser.html

For Konquerer, see www.nslug.ns.ca/pipermail/nslug/2007-January/009840.html.

Conclusions

Unfortunately, Opera's masquerading does not fool Canada-Post's checking.  Amazing!  The wrongheadedness at Canada-Post goes beyond anything that can possibly be justified by even the flimsiest of reasons.  I haven't tried Firefox nor Konquerer. 

Since I had other reasons for wanting the genuine Internet-Explorer, and since it can be run under Wine, I went that route.  The next sad part of the story: it is not worth the effort -- the brokenness of Canada-Post's website is essentially unchanged when viewed with a "supported" browser.  The number of broken links, the use of deceptive links that no-one in his right mind other than a phishing spammer would even consider, the misleading prose, the various kinds of dead-ends, all combine to make it a nightmarish experience. 

2009-Jan20:

One year later, when another price-hike at Canada-Post meant revising shipping-costs yet again, I gave their Sell-Online tool a more serious try.  I did get their Sell-Online tool working, despite the appalling documentation.  Only to learn it doesn't even come close to living up to the hype.  It refuses to quote Light-Packet or Oversized-Letter rates.  So one has to handle those separately.  Then I thought it would at least be useful for pricing "Parcels".  Alas, even for parcels it quotes rates that bear no simple relationship to what one actually pays when shipping a parcel.  This is sad.

See my Using CanadaPost's SellOnline article for the details.