User agent string meaning explained

Why user agent strings look strange

User agent strings are full of historical baggage. A Chromium browser can mention Mozilla, AppleWebKit, Chrome, and Safari in the same line. Those words are there because old websites made decisions from string checks, and browsers kept the tokens to avoid breaking pages.

Example

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/124.0 Safari/537.36

Desktop Windows client, Chromium-based browser, Safari token kept for compatibility.

How to read a user agent string

1. Start with the part in parentheses; it usually carries the operating system and device hints.
2. Read the browser version near the end, but ignore compatibility words that are only there for old sniffing logic.
3. Treat mobile, tablet, and bot names as self-reported hints.
4. For crawler checks, verify the crawler separately. For frontend behavior, test the feature instead of trusting the string.

Browser compatibility tokens

Mozilla/5.0 at the front does not mean Firefox. Safari in a Chromium string does not mean Safari. Those tokens survived because too many sites used brittle browser sniffing.

For analytics, parsing the string into rough browser and device groups is fine. For code paths, feature detection is less likely to punish a real user with a slightly unusual string.

Bots and spoofing

Search crawlers and automated clients often name themselves, but the header is still just text supplied by the client.

For known crawlers, use the provider's verification method, such as reverse DNS checks. A fake Googlebot string is easy to send.

Common mistakes

• Assuming every Mozilla token means Firefox
• Blocking users because a browser string does not match a narrow allowlist
• Trusting user agent text for security decisions
• Parsing the string with one pattern and ignoring mobile or bot variants

Related problems