From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from localhost (71-38-157-25.ptld.qwest.net [71.38.157.25]) by hurricane.the-brannons.com (Postfix) with ESMTPSA id 44C6277AA9 for ; Wed, 26 Aug 2015 22:32:29 -0700 (PDT) From: Chris Brannon To: edbrowse-dev@lists.the-brannons.com References: Date: Wed, 26 Aug 2015 22:34:35 -0700 In-Reply-To: (Kevin Carhart's message of "Wed, 26 Aug 2015 16:19:31 -0700 (PDT)") Message-ID: <87y4gxwaz8.fsf@mushroom.localdomain> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain Subject: Re: [Edbrowse-dev] user agent spoofing X-BeenThere: edbrowse-dev@lists.the-brannons.com X-Mailman-Version: 2.1.20 Precedence: list List-Id: Edbrowse Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Aug 2015 05:32:29 -0000 Kevin Carhart writes: > In addition to reading the settable user agent string, they test > hundreds of things over javascript, and create a unique hash based on > the answers. Well, this is true. But spoofing the user-agent header is still often quite effective. There are sites out there that block edbrowse for no good reason. I seem to remember that in the past an example was kpfa.org or kpfk.org, don't remember which one, but it was one of the Pacifica stations. They fixed this at some point. But spoofing user-agent turned a 403 to a 200. There are other sites that autoblock edbrowse; I find them from time to time. They don't autoblock lynx. So I wonder, is someone using edbrowse for "questionable" purposes? Five will get you ten that they are. It's also possible that someone has preemptively added edbrowse to some sort of list or lists of "browsers that should be blocked", after deciding that it had a possibility of "mis-use". Let's not kid ourselves here; I'm sure there are those who consider edbrowse highly subversive. -- Chris