Jaa


The IE7 User-Agent String

In April 2005, we blogged about the new Internet Explorer 7 User Agent string sent to websites by the browser to identify itself.  Since our original blog posting, we have also posted two new articles on the topic to MSDN: Understanding User-Agent Strings, and Best Practices for detecting the Internet Explorer version.

A quick recap:

  • On Windows XP SP2, IE7 will send the following User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)
  • On Windows 2003 Server, IE7 will send the following User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2)
  • On Windows Vista, IE7 will send the following User-Agent header: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)

Over the last eighteen months, most sites that had previously blocked the new version of Internet Explorer have been updated, and we’re happy to report that the vast majority of Internet sites are now accessible using IE7.

There are a few remaining sites which fail to recognize IE7 because they are performing exact string matches to look for specific IE version strings. Those checks will need to be removed or updated to accommodate IE7. The Best Practice document linked above provides suggestions.

To enable you to workaround any remaining sites that block access to Internet Explorer 7, we developed the User Agent String Utility.  The utility comes in the form of a small executable that opens an IE7 instance that sends the IE6 user agent string.  It also provides a mechanism for you to report problem web sites to Microsoft so that we can follow up with the affected site owners.  Please download the tool and give it a try.

We look forward to your feedback!

Eric Lawrence

Comments

  • Anonymous
    September 20, 2006
    Ok, I understand the historical reasons for including the string "Mozilla" in IE's user agent, but c'mon, its 2006. I think its time to move on. Of course it won't happen until developers stop depending on it.....but I'm saying it anyway.

  • Anonymous
    September 20, 2006
    PingBack from http://pcwinvista.com/2006/09/link-ie7-user-agent-string/

  • Anonymous
    September 20, 2006
    Hi

    There is a rumour now circulating on webmaster and domaining forums saying that IE7 will be out sometime in the next 2 weeks.

    Can you confirm if this is true? If it isn't just say so and quash the rumour-mongering now.

    Regards,

  • Anonymous
    September 20, 2006
    Where transcript of recent chat with IE team can be found?

  • Anonymous
    September 20, 2006
    Why not state already now that you will loose the Mozilla 4.0 compatible part fron the string for IE8.
    If you announce it now webdevelopers around the world will be able to adjust their sites for a year or more and it would also be possible to set up a good way of informing sites that that they are doing an incorrect check well in advance.

  • Anonymous
    September 20, 2006
    I'm using Windows Vista RC1 and cannont download this tool. Is there a way to get this little programm?

  • Anonymous
    September 20, 2006
    why not give the possibility to change the user string from the IE7 instead use the registry or external utilities?
    For example a drop down menu to choose new IE7 user agent string and old IE6 user agent string

  • Anonymous
    September 20, 2006
    @Luc: that doesn't seem a good idea to me.

    As a webdeveloper, I absolutely hate it when user agents lie about who they are. The only times I use UA detection is when I know 100% certain that a certain UA doesn't support something I'm doing. Unknown UA's always get the full featured site, written to w3c standards to the best of my ability.

    So if I used some feature that doesn't work properly in Opera, and Opera tells me it's IE, it gets the wrong version of the page and thus it breaks.

    UA changing should be done only as a last resort for those poorly coded sites that lock unknown strings out. It should not be easily accessible.

    Plus, since 90% of IE users probably don't know what a user agent string is and shouldn't need to, such an option would only create confusion.

    Just my 4c (inflation).

  • Anonymous
    September 20, 2006
    People are blocking visitors based on user string? People are still doing that??? I thought we left the stone age behind.

  • Anonymous
    September 21, 2006
    Indeed.  Isn't it a bit silly for a website owner (whose mission it is to drive traffic) to block users based on strings?  Seems counter-productive to me.

    I once switched banks because they wouldn't recognize my wife's web browser (Safari).  I'd do the same thing if they wouldn't recognize IE 7 or any other major browser.

  • Anonymous
    September 21, 2006
    many people simply copied ancient "browser check" functions from some javascript resource websites, with no clue in what the functions actually do.

  • Anonymous
    September 21, 2006
    Frankly, I'm not shocked by the Mozilla/4.0 part of the string - it's actually useful to point out the fact that IE7 is still an HTML4 (fourth generation) browser that can't handle XHTML, while the competition can (fifth generation - Mozilla/5.0 used by Mozilla browsers since 2002).
    No, the only 'XHTML' IE 7 can handle is one following the XHTML 1.0 Appendix C using text/html IME type and the recommendations for 'compatibility with outdated browsers' - meaning IE is already outdated while it's still ot out yet.
    What I find shocking is IE still returning '/' for supported mimetypes - when it can only understand text/html, text/plain, application/xml (after a fashion), and it will just prompt to download the rest.
    Hey guys, wake up! Even .Net is already using XHTML!

  • Anonymous
    September 21, 2006
    The comment has been removed

  • Anonymous
    September 21, 2006
    What is the point of leaving comments like this?  Grow up!

  • Anonymous
    September 21, 2006
    The comment has been removed

  • Anonymous
    September 21, 2006
    The comment has been removed

  • Anonymous
    September 21, 2006
    Open documents in IE7? I thought it was a web browser...

    Note to self: People will never be happy with what they get.

  • Anonymous
    September 21, 2006
    Documents = pages I work with

    Will you be happy if your browser often crash and doesn't recover your work after this?

    If you can, make a browser that doesn't crash
    If you cann't do so, make the crashes less painful.

    MS Office 2007 Applications are much more complex than IE7 BUT ULIKE IE7 they worked good since the first beta and will work even better after release. Word crashed 4 times through half a year. And it just restarted itself with RESTORED document. No pain.

  • Anonymous
    September 21, 2006
    Mozilla is a trademark. Why are you violating a trademark and pushing a product labled as a Mozilla product, taking advantage of the good name of Mozilla? It is wong to misrepresent yourself to be Mozilla when you are clearly not! That's called counterfeiting!

  • Anonymous
    September 21, 2006
    Although many uses of Mozilla's trademarks are governed by more specific rules, which appear below, the following basic guidelines apply to almost any use of Mozilla's trademarks in printed materials, including marketing, fundraising and other publicity-related materials, and websites:

    • Proper Form - Mozilla's trademarks should be used in their exact form -- neither abbreviated nor combined with any other word or words (e.g., "Thunderbird" rather than "T-Bird" or "Thunderbinary");

    • Accompanying Symbol - The first or most prominent mention of a Mozilla trademark should be accompanied by a symbol indicating whether the mark is a registered trademark ("®") or an unregistered trademark ("™"). The Mozilla trademarks include, among others, the names Mozilla®, mozilla.org®, Firefox®, Thunderbird™, Bugzilla™, Camino®, Sunbird™ and Seamonkey™, as well as the Mozilla logo, Firefox logo, Thunderbird logo and the red lizard logo. As Mozilla registers others, it will update this policy;

    • Notice - The following notice should appear somewhere nearby (at least on the same page) the first use of a Mozilla trademark: "[TRADEMARK] is a ["registered", if applicable] trademark of the Mozilla Foundation";

    • Distinguishable - In at least the first reference, the Trademark should be set apart from surrounding text, either by capitalizing it or by italicizing, bolding or underlining it.

  • Anonymous
    September 21, 2006
    @ StopCounterfeiting

    If it worries you so much, you can bring an action against Microsoft and gain a suit at law. But your laments here are useless though quite rightful.

  • Anonymous
    September 21, 2006
    If Windows Internet Explorer 8 were to drop "Mozilla" from the User-Agent string, I'd suggest a switch to simply:

    WIE/8.0 (Windows NT 6.0)

    Alternatively, if too many sites appear to be sniffing for the string "MSIE" to make this viable:

    WIE/8.0 (MSIE 8.0; Windows NT 6.0)

  • Anonymous
    September 21, 2006
    In Windows Vista RC1, Firefox Works better than the default browser, what a shame for the team that develops the default browser.

  • Anonymous
    September 21, 2006
    A while back I made a blog post about UA strings and how I think they should look. I know this won't happen for a long time if ever but here's my post:
    http://blogs.securiteam.com/index.php/archives/217

    That would just make life so easy.

  • Anonymous
    September 21, 2006
    There is a right way to do it, and trademark or no trademark, you have to admit, the way it is now is wrong.

    IE7 is the right time to get the momentum out to implement the user agent string correctly.

    If IE7 does it, maybe everyeone else will follow. Just think of the bandwith savings in sending 'MSIE' rather than 'Mozilla', that's a savings of 3 characters right there. Multiply that by billions and billions served.

  • Anonymous
    September 21, 2006
    @Omar A. Perez
    Firefox can't work better than IE7 in Windows Vista, because Firefox doesn't have the protected mode. So Firefox is less safer than IE7 under Windows Vista

  • Anonymous
    September 21, 2006
    It's funny that the same ridiculous comments get posted each time they blog about this... There's a reason they keep blogging on this thing-- because sites are still so stupid that the user agent string breaks when you change the number 6 to 7 (and they've had this in for over a year now!).  What do you think would happen if they took out the "Mozilla"?

    You can try it... use a debugger to change the User-agent string to your proposed string and see how many million sites break.

    If you look at the tradeoffs, they made the right choice.

    =Fred

    PS: The idea that trademark law is relevant here is just stupid.  If that worked, all Microsoft would have to do is put the name of say "Windows" in a protocol identification string (say SMB) and bingo-- no one (e.g. SAMBA) would be allowed to use your protocol 'cuz they're not allowed to send the required string.  

    The only thing worse than a lawyer is a non-lawyer who tries to sound like one.

  • Anonymous
    September 21, 2006
    The comment has been removed

  • Anonymous
    September 21, 2006
    @Mark Kenny
    >People are blocking visitors based on user string? People are still doing that??? I thought we left the stone age behind.

    Unfortunately, this is happening again in the mobile Internet. In Austria, for example, a big mobile phone operator is abusing the user-agent string to distinguish whether the phone was sold by him (branded ua-string) or not. In the second case -- when you bought an unlocked or unbranded phone by your own -- the access to the Web site is blocked.

    I have started a campaign in Austria to raise awareness of this emerging issue in the mobile Internet: http://freechoiceofmobile.org/

    It is sad, that there are still companies that do this kind of Web browser discrimination intentionally. If you understand German, I recommend reading the arguments that are trying to defend this practice. It will make you laugh ;-)

  • Anonymous
    September 22, 2006
    Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)  <<<< This is the most bug-free string!!! IE7 on Vista!!! IE is purfect!

    I will be upgrading right away! Microsoft programmers get paid and work harder and faster than open sores Firefox grammers coz they eat more!!

    Vista will be the best OS that ever livd! Good job Microsoft! Always bug-free!

  • Anonymous
    September 22, 2006
    The comment has been removed

  • Anonymous
    September 22, 2006
    The comment has been removed

  • Anonymous
    September 22, 2006
    It would really help me if someone could explain in layman's terms why the user agent has anything other than MSIE in it. Was IE based on Mozilla or something? Thanks.

    Bring Back the Image Toolbar!

  • Anonymous
    September 22, 2006
    spf1, read http://en.wikipedia.org/wiki/User_agent#User_agent_spoofing

  • Anonymous
    September 22, 2006
    @spf1: Back in the early days of the web (circa 1995), many websites wouldn't return certain content (e.g. frames, images, etc) unless your browser sent a certain identification string.  Hence, all browsers that had feature parity with the Netscape browser of the time used a similar string.

    Now, many years later, there's a large body of server-side code which expects to see these strings, and hence IE continues to send them.

  • Anonymous
    September 22, 2006
    @Norman
    The VML vunerablity works on fully patched Windows XP.
    http://sunbeltblog.blogspot.com/2006/09/seen-in-wild-zero-day-exploit-being.html
    And here the guy who found the vunerability claims it also workt in some versions of outlook without user action:
    http://sunbeltblog.blogspot.com/2006/09/eric-talks-about-vml-exploit-on-steve.html
    If it would work in outlook that it would be extremly dangerous.

  • Anonymous
    September 22, 2006
    "MSIE 7.0, Windows NT 6.0"

    That's the perfect string. I thought you didn't care of breaking the compatibility of MSIE6.0-webpages.

  • Anonymous
    September 22, 2006
    The User Agent String Utility is useful but would be better if it was designed as a button on IE7 that would refresh the page to the displayed website with an IE6 string.  

    This is useful when a site displays poorly and you just want to be able to get it to behave for the time being.

    Many sites use edit controls that grab the string and decide how to display the edit control.  Leaving IE7 and restarting is sometimes a pain.  This would help in this case.

    It's good now but if any chages are made to the utility this might be a good update for it.

    Thanks for the agent.

  • Anonymous
    September 22, 2006
    The comment has been removed

  • Anonymous
    September 22, 2006
    A little history lesson for spf1 and others: "Mozilla" was the code name (and mascot) for Netscape.  Therefore, Mozilla 4.0 would be Netscape Navigator 4.0.  Back in the day, IE had to pretend to be Netscape to get the good versions of websites, due to user agent sniffing.

    When Netscape released the source code for their browser, they named the project after their mascot and code name, creating the Mozilla we know today.

  • Anonymous
    September 22, 2006
    Keeping the Mozilla/4.0 doesn't make complete sense because those sites doing the browser check are going to have to update their code anyways (no matter the extent of the UA string change).  In other words, a clean break from this does seem plausable.

    However, as someone already pointed out, it is still a Mozilla 4.0-compliant browser.  The UA string has been misused and butchered, but technically speaking, keeping the Mozilla/4.0 does make some sense.

    I think many lack understanding of the meaning and history behind the UA string.  Do not confuse the Mozilla tag with the modern-day Mozilla.org.  The two are completely unrelated in that Mozilla.org is an open-source development community that derived itself from the old Netscape, which of course used Mozilla as the code name for it's rendering engine (just like MS uses Trident as the code name for the IE rendering engine).  Mozilla/4.0 roots from the days where Netscape ruled, and that tag simply implie(d/s) the HTML compatibility level that a given browser has.

    I'm sure I am on target, but if you are more knowledgable about this, please don't tear me a new one.  Instead, please elaborate on this.

  • Anonymous
    September 22, 2006
    @hAl

    active scripting is disabled in Outlook so the exploit can't work!!!

  • Anonymous
    September 22, 2006
    Why don't you speak with Mozilla team and change the UA together (in FF 2.0 & iE 7)? You could use a standard UA system. For example:

    For iE: "MSIE/7.0; Trident/TRIDENTVERSION; WindowsNT/6.0"
    And FF: "Firefox/2.0; Gecko/GECKOVERSION; WindowsNT/6.0"

    It would be really useful for webmasters to have a standarized form, so we could know all the data easily...

  • Anonymous
    September 23, 2006
    @norman
    I take it that you now found that the vml issue does work on XP ?
    The issue of outlook raised in de podcast already mentiones that not all outlook versions are vunerable so thhat might be related to a specific outlook implementation.

  • Anonymous
    September 23, 2006
    @ WhiteAcid & EricLaw [MSFT]

    Thanks for that. I was expecting a rude "use google" answer.

    Can't wait, looking good so far.



    ------------------------------
    Bring back the Image Toolbar!!

  • Anonymous
    September 23, 2006
    PingBack from http://www.savahost.com/art_optimization/stats.htm
    Пользование серверной статистикой и User-Agent String. (in russian)Server statistic & User agent string.

  • Anonymous
    September 24, 2006
    @Nike

    The Mozilla way for UA is already standardised and your simplified UA would result in losing lots of information currently conveyed by the Firefox UA string, information used by websites and extensions.

    You have more information about Firefox UA strings here:
    http://www.mozilla.org/build/revised-user-agent-strings.html

  • Anonymous
    September 24, 2006
    PingBack from :http://exploit.blogosfere.it/2006/09/web_browser_internet_explorer_7_user_agent_string_1.html
    Web Browser : Internet Explorer 7 - User Agent String Utility version 2
    A utility that opens an Internet Explorer 7.0 window that is configured to report its identity to websites as being Internet Explorer 6.0 .

  • Anonymous
    September 25, 2006
    I always wondered what "compatible" is supposed to mean? What exactly is MSIE compatible with??

  • Anonymous
    September 25, 2006
    A utility that opens an Internet Explorer 7.0 window that is configured to report its identity to websites as being Internet Explorer 6.0 .di enore savoiaSystem Requirements :Supported Operating Systems: Windows Server 2003; Windows Server 2003 Service

  • Anonymous
    September 29, 2006
    Since I have downloaded IE7 RC1, I have not been able to enable JavaScript.  Under options I have it enabled, but still can't go to sites that have JavaScript.  I also can't go to the microsoft update page,  I need help and can't seem to get any one that can help me.  Please guide me to the correct area, Please.

  • Anonymous
    October 01, 2006
    @EricLaw [MSFT]
    "Now, many years later, there's a large body of server-side code which expects to see these strings, and hence IE continues to send them."

    Will that change in the next year? Or 2010? No, it won't. As long as we'll keep avoiding solving this problem, it will remain there. Does that mean we're doomed to having "Mozilla/4.0 (compatible)" for the rest of our lives? Is the value gained by this (a few months of avoided headache, and then most of still relevant sites would be updated) really bigger than the tradeoff?

  • Anonymous
    October 03, 2006
    @RQ: Given that there's no significant benefit to changing the user-agent string, no, we don't think that users would be willing to suffer the compatability impact. The hope, of course, is that browser-sniffing is something that fewer and fewer sites need to do.

  • Anonymous
    October 06, 2006
    Just read a article from MS guy and got a idea why I cannot use IE7 to visit some web sites while IE

  • Anonymous
    October 19, 2006
    With today's release of Internet Explorer 7, I would be remiss if I didn't inform anyone who hasn't yet...

  • Anonymous
    October 19, 2006
    PingBack from http://www.revolucao.etc.br/archives/o-internet-explorer-7-e-como-manter-a-versao-6-instalada-no-windows-xp/

  • Anonymous
    November 03, 2006
    PingBack from http://vista.edailytips.com/20061104/link-ie7-user-agent-string.html

  • Anonymous
    February 10, 2007
    PingBack from http://www.enetweb.net/2007/02/11/archives-web-browser-internet-explorer-7-user-agent-string-utility-version-2/

  • Anonymous
    January 21, 2009
    PingBack from http://www.hilpers.it/1865628-visualizzazione-immagini/2

  • Anonymous
    March 22, 2009
    PingBack from http://internetschoon.nl/development/ie7-strings/

  • Anonymous
    May 29, 2009
    PingBack from http://paidsurveyshub.info/story.php?title=ieblog-the-ie7-user-agent-string

  • Anonymous
    June 12, 2009
    PingBack from http://cellulitecreamsite.info/story.php?id=5026

  • Anonymous
    June 14, 2009
    PingBack from http://cutebirdbaths.info/story.php?id=1344

  • Anonymous
    June 15, 2009
    PingBack from http://einternetmarketingtools.info/story.php?id=240