Jaa


XPSP2 and its slightly updated user agent string

The information published in this post is now out-of-date and one or more links are invalid.

—IEBlog Editor, 20 August 2012

Hi, I’m Christopher Vaughan, and I’m the lead project manager for the Internet Explorer team. I’ve worked on IE on and off since the IE 3.0 days, and have been involved in every major Windows release since Windows 95. I work with Dean, Scott, Tony, Dave, and the others who have or will be posting here to make sure that the IE team is working on the right things and at the right times.

I wanted to drop a quick note to make sure people knew about an update to our user agent string in Windows XP Service Pack 2. We’ve added "SV1" to the UA string so it’ll start looking something like this:

HTTP_USER_AGENT :Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 1.0.3705)

This will let site authors know that they’re being visited by someone who’s running an IE browser on the latest, most secure Microsoft platform. Right now only XPSP2 has this token, but soon you’ll see this token show up on other platforms as we bring our security enhancements to them.

SV1 stands for "Security Version 1" by the way. We’re proud of the security work that we’ve done in XPSP2 and wanted to be sure that site authors had some way to differentiate users running the latest version of IE.

Also, I'd like to remind folks that there's an online chat scheduled with members of the IE team on September 9th. See the chat schedule for details. See you there!

Till next time!
-Christopher

Comments

  • Anonymous
    January 01, 2003
    Forgive me, but isn't it much simpler to just bump up the version number? IE's UA string is too long to begin with and already quite filled with less-than-obvious information.

    Why the insistance on staying at version 6.0 when IE has obviously had several major enhancements?

  • Anonymous
    January 01, 2003
    There is a downside. Now the spyware manufacturers can customise their installers and you end up with screen shots like the one I blogged about at http://idunno.org/displayBlog.aspx/2004082901

  • Anonymous
    January 01, 2003
    Why does IE claim to be Mozilla? Or even Mozilla compatible? There are several major browsers more like Mozilla than IE is.

  • Anonymous
    January 01, 2003
    FYI, when you install SP2 on a Windows XP Tablet PC Edition machine the UA string will be updated to include "Tablet PC 1.7", in addition to "SV1".

  • Anonymous
    January 01, 2003
    Rory
    Its a legacy of the browser wars. When IE still had little market share, it, like many other browsers, started copying Netscape's UA which has always started with "Mozilla". This was to prevent it from being locked out of sites. When IE became a major web browser, other browsers began to mimic it.

  • Anonymous
    January 01, 2003
    Regarding the 'Mozilla' prefix on the string- given that things have now inverted, and we find browsers like Opera putting 'IE' etc. in their default using string... do you suspect 'Mozilla' on IE's user agent string will ever be dropped- perhaps as a sign that IE stands on its own feet now, if nothing else?

  • Anonymous
    January 01, 2003
    The only good reason (that I can think of) to sniff for "SV1" is to accomodate the unwanted status bar in dialog windows. See http://www.aspnetresources.com/blog/sp2_early_tweak.aspx.

  • Anonymous
    January 01, 2003
    With Windows XP Service Pack 2 the web browser user agent string changes for internet explorer to SV1 aka "Security Version 1". Like that´s logical! Hence, what did we have before SP2 - only security version 0 ? [small rant]

  • Anonymous
    January 01, 2003
    I'm not so much worried about the past as much as the future. How does this new identifier age? Under what kind of circumstances will we see SV2? Would a hypothetical MSIE 7.0 still be SV1? Will it not have any SV identifier? Has the SV identifier become the new version number with the "MSIE #.#" substring forever frozen?

    Logically, all future versions of IE will have at least the same security measures and likely supperior ones as new vulnerabilities are found and addressed. "SV1" would quickly become meaningless.

  • Anonymous
    January 01, 2003
    Why is such problem to increase minor version of browser? Everybody in browser business is doing such thing, so Microsoft has to do something different? Will MSIE 7 be in UA string "MSIE 6.0; ... SV1a"?

  • Anonymous
    January 01, 2003
    Security Version 1! Haha! I'm glad after six versions, you've finally decided to add security. :D

  • Anonymous
    January 01, 2003
    What's gonna happen if the Mozilla Foundation start insisting that IE can't claim to be "Mozilla" because it dilutes their brand?

  • Anonymous
    January 01, 2003
    I reiterate all above comments. And who's idea was it to add sv1 instead of incrementing the version? I have a nice meringue pie for that gentleman/lady. Just how many separate version numbers do we need?

    Where's the bit about "Bacon 2.4.x", eh? It is so useful that I can't live without it!

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    thanks! updating firefox user agent switcher ie uas

  • Anonymous
    January 01, 2003
    Popup blockers are usually detectable because the popup window fails to create. That detection method works cross platform and cross browser, so why bother with user agent string stuff?

  • Anonymous
    January 01, 2003
    IE is only Mozilla 4.0 compatible. snicker Anyway, if the Mozilla people were gonna whine about Microsoft using its name in their user agent string, that would've (and maybe did?) come up during Netscape/AOL's court case against them, if not earlier.

    "soon you’ll see this token show up on other platforms as we bring our security enhancements to them."

    aha! So there will be updates to IE for other platforms! Good to know.

  • Anonymous
    January 01, 2003
    We need to sniff for SV1 for the following workaround:

    Problem:
    When a PDF document residing in a frame in IE60 under XPSP2 calls an ASP file with [PDF function] submitForm() nothing displays in the browser window. This seems to be a new bug introduced in XPSP2. Anyone have an explanation?

    Workaround:
    We normally want the PDF document in the frame but are willing to (have to!) place it outside all frames when we detect XPSP2 - by sniffing SV1.

  • Anonymous
    January 01, 2003
    http://ars.userfriendly.org/cartoons/?id=20040811 - lol

  • Anonymous
    January 01, 2003
    Soren Werk:
    And what happens when IE is updated to SV2? It would have to a regular expression to be reliable---which would make the whole "SV1" thing moot as the version number could simply be incremented. I -really- don't see the advantage. Indeed, I see only disadvantages in the long run.

  • Anonymous
    January 01, 2003
    I agree - "SV1" is a hackish word.

    But has anyone else observed the problem we have? (described above)

  • Anonymous
    January 01, 2003
    ********************* Soren Werk wrote

    We need to sniff for SV1 for the following workaround:

    Problem:
    When a PDF document residing in a frame in IE60 under XPSP2 calls an ASP file with [PDF function] submitForm() nothing displays in the browser window. This seems to be a new bug introduced in XPSP2. Anyone have an explanation?

    Workaround:
    We normally want the PDF document in the frame but are willing to (have to!) place it outside all frames when we detect XPSP2 - by sniffing SV1.

    **************


    Thanks to Soren Werk on clue to Adobe PDF form submit problem with XP SP2 internet explorer. Although the workaround is really a problem for us as it confuses users when Adobe Form is launched on a separate window.

    We will ask Adobe developer support for a solution, we will appreciate if someone can shared with us for any solution to executing PDF forms within Frame/Frameset under XP SP2.

  • Anonymous
    January 01, 2003
    The "information bar" is a complete nightmare and disaster for anyone who uses css, layers, gallery type functions, etc. in their designs. Will IE be offering any tools to designers so that every site they've designed this way isn't completely worthless??? Seriously, this is completely unacceptable!

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    > Will IE be offering any tools to designers so that every site they've designed this way isn't completely worthless?

    IE never did ;)

    Maybe instead of doing workarounds add message: "This site looks better in better browser. See Browsehappy.com"

  • Anonymous
    January 01, 2003
    I just heard you will fix IE crashing on this pic
    http://sylvana.net/test/AP4.jpg
    just with XP SP3.

    Is it true?
    How should webmasters or guestbook owners react to this? Disabling links and image posting in blogs, guestbooks and so on?

  • Anonymous
    January 01, 2003
    Internet Explorer 7 Beta 1 is fast approaching.  A tiny but significant code change was checked...

  • Anonymous
    November 12, 2007
    PingBack from http://notes.jschutz.net/7/website-optimisation/using-user-agent-statistics-to-detect-website-conversion-problems

  • Anonymous
    January 22, 2009
    PingBack from http://www.hilpers.fr/538678-quel-est-ce-navigateur

  • Anonymous
    May 31, 2009
    PingBack from http://woodtvstand.info/story.php?id=5579

  • Anonymous
    June 15, 2009
    PingBack from http://mydebtconsolidator.info/story.php?id=18725