Mozilla Tests If 'Firefox/100.0' User Agent Breaks Websites

Mozilla has launched an experiment where they change the Firefox browser user agent to a three-digit "Firefox/100.0" version to see if it will break websites. Bleeping Computer reports: A user agent is a string used by a web browser that includes information about the software, including its name, version, and technologies that it uses. When a new version of a browser is released, the developers also increment the version number in the user agent string. When visiting a website, the user agent strings are sent to a website so that the site knows the software capabilities of the visitor. This information allows the website to modify its response to account for different features of browsers.

As Firefox version numbers are currently two digits, Mozilla developers are investigating if anything breaks when they release Firefox Nightly version 100 in March 2022. "We would like to run an experiment to test whether a UA string with a three-digit Firefox version number will break many sites," Mozilla Staff Engineering Program Manager Chris Peterson said in a bug post first spotted by Techdows. "This new temporary general.useragent.experiment.firefoxVersion pref can override the UA string's Firefox version." When conducting the test, an enrolled Firefox user will have their user agent changed to the following string with the hopes that if anything breaks, they will report it to Mozilla: "Mozilla/5.0 (Windows NT 10.0; rv:100.0) Gecko/20100101 Firefox/100.0."

Re:

[MobileTatsu-NJG]

"Thankfully Mozilla is dying so we can live in our sad unchangeable Chrome world now."

Alrighty.

Re:Thankfully, by now no one cares anymore, Mozill

[Anonymous Coward]

Enough with the FUD.

They're at release 91. It is good management to see if the web will break in 9 releases and proactively fix it before it occurs.

Version 100, not going to be a problem for me

[bennet42]

After the fiasco that was 91.0, I rolled back to 90.09b, disabled proton, and am a happy camper again! Could be a while before I upgrade. I'll watch and see how they go, but prioritizing UX changes over bug fixes isn't a good path to success.

Re:

[williamyf]

After the fiasco that was 91.0, I rolled back to 90.09b, disabled proton, and am a happy camper again! Could be a while before I upgrade. I'll watch and see how they go, but prioritizing UX changes over bug fixes isn't a good path to success.

Silly you, instead of going 91.0-> 90.09b, you shoud have gone to ESR 78.
Proton free too and supported with security patches for longer than 90.09b.

what your comment reflects, is that you do not have the slightest idea of how web browser's release cycles work.

Now go back to browsing with your insecure broser.

Re:

[Mister Transistor]

Yes, the latest version 91 had a totally fucked "forced Proton interface" move, it ignores all the config switches that turned off Proton (yech).

That was bad enough but then they totally pissed me off, first on their website they took ALL the offline multi-version installers away! They removed the .../all page that used to have "all" the versions and languages of offline installers! What assholes. So, fortunately they hadn't turned off their FTP servers yet, so I was able to download the last stable 90.0

Re:

[Mister Transistor]

Well, that didn't work, either. The bastards are ignoring that value too. They are spamming me EVERY 12 HOURS to update, what assholes.

Well, I'm not done yet, and if unsuccessful, I'm switching to Pale Moon or some other fork. Screw those jerks. Their audience keeps dwindling because of user-hostile bullshit like this latest insult. It's no wonder they are losing the browser wars because and they have their ever-shrinking user base numbers to thank them for all the "efforts" lately. FF has sucked out

Re:

[Mister Transistor]

Just a quick final note on this, I still am running 90.0.2 with updates disabled. The way I found to successfully disable the update nag pop-up every day at 3:00 PM was to use the "policies.json" trick.

By using the policy, It keeps FF from putting the green dot on the menu and adding an update nag message to the menu, as well as killing the daily pop-up reminder! Yes!

It's easy - in the ff program files directory (or x86 if 32 bit), create a directory called "distribution". In that, place one simple file,

Re:

[Megane]

So, fortunately they hadn't turned off their FTP servers yet, so I was able to download the last stable 90.0.2 release version.

They didn't notice because they had already removed the FTP protocol from their browser.

they also made config changes that prevent backing down in versions

Every few versions they need to make changes in the config database schema, and you can't go backwards without having to start over with a new config. It's not just Firefox, other FF-derived browsers have this happen too. They just don't do shit that makes you want to go back to a previous version.

Re:

[Z00L00K]

The hack for Firefox is to:

1. Browse to your profile directory.
2. Create a folder named chrome. (Not google Chrome)
3. Create a file named userChrome.css and add the following:
   .titlebar-color{
   color: -moz-accent-color-foreground;
   background-color: -moz-accent-color;
   } .tab-background{
   border-radius: 0px 0px !important;
   margin-bottom: 0px !important;
   } .tabbrowser-tab:not([selected=true]):not([multiselected=

Re:

[Z00L00K]

Effin ASCIIART filter...

1. Do the about:config action and set toolkit (dot) legacyUserProfileCustomizations (dot) stylesheets to true.
2. Restart the browser.

See also:

• userchrome.org [userchrome.org]
• winareo.com [winaero.com].

Re:

[G00F]

Do the about:config action and set toolkit (dot) legacyUserProfileCustomizations (dot) stylesheets to true.
        Restart the browser.

Doing that doesn't seam to change anything firefox 91 ubuntu

Still have options browser.proton.enable to false.

I dont know what those mozila executives are thinking, they are losing users faster than ever with each of their dumbass choices

Re:Thankfully, by now no one cares anymore, Mozill

[Z00L00K]

Any web site using the User-Agent for something impacting the functionality should eat the consumer complaints and die. That string is one of the strings that are used to profile you as a user. There's a reason for standards, and the only thing that makes sense would be to distinguish between HTML and WML (rest in peace) browsers.

Re: Thankfully, by now no one cares anymore, Mozil

[P0ltergeist333]

Their actions surrounding ENSI encryption opened my eyes to a lot and should not be forgotten.
Once you add the appropriate apps, it's still one of the more secure options I've found. Google has changed to "do evil", so I hate to remove competition from them. Wish there was a viable 3rd option.

Re:

[thecombatwombat]

This is such a naive position. It wasn't so long ago that it was IE's world and that was not going to change. Until it did.

Firefox doesn't need to be 50% of the market to be useful.

Re:

[BAReFO0t]

The thing is: Chrome is even WORSE.

If you use Chrome, you literally chose not to be a person.
You chose to be a drone / swarm entity / serf / tentacle of Google.

Then again, not being a person and thinking passively seems to be all the rage nowadays, so what do I know.

Re:

[arglebargle_xiv]

If you use Chrome, you literally chose not to be a person.

You're right there! Every time I use Chrome, I immediately identify as an attack helicopter.

Re:

[belg4mit]

Could be worse. Google ignores Chrome reports for a year or so then automatically closes them because "they are inactive" since nobody bothers to pay attention and triage things. Alternatively, in the rare case where they do manage to review and acknowledge a bug, it takes them *years* to get around to fixing them.

Yes, You'll get flagged as a bot

[Somervillain]

Simple answer. Anyone who is anyone runs bot countermeasures, so if the site has money on the line, there's a good chance sending an anomalous User-Agent will get you flagged as a bot. The good bot management software will evaluate your humanity based on multiple criteria, so maybe you'll get through, but your probability of getting flagged goes way up when you tamper with your User-Agent. Some sites will reject you, others will make you do additional verification, like 2FA or lots of captcha-like stupid

Re:

[Joce640k]

You think bots can't send valid user-agent strings?

User-agent is a thing of the past, it needs to be done away with.

Re:

[Skapare]

Firefox's foot is in the grave.

Firefox died so soon.

but Firefox is dying.

LOL, but a little out of time order, there

Finally, a reason to browse porn sites

[drainbramage]

What?
No honey, I'm only doing this to test my browser.
No honey, this is not penetration testing.

will this 3 digit version break websites?

[Skapare]

will version 666 break websites?

Re:

[freeze128]

Why would it? Computers run on binary, not superstition.

Re:

[sconeu]

Only the Westboro Baptist Church website.

If a site breaks, screw 'em

[kmoser]

Any website that breaks because of this deserves to die. Sniffing UA strings is so last millennium.

Re:

[Luckyo]

One of the main reasons for it existing is the fact that there are still some non-chromium based web browsers that don't support everything that chromium-based browsers support.

Browsers like firefox.

So your site is probably going to break in a far less elegant manner if there is no "UA sniffing" done, unless site in question is so huge that the tiny percentage of total users still on firefox and its derivatives are actually a number large enough to warrant paying for costs of troubleshooting and fixing the

Re: If a site breaks, screw 'em

[bradley13]

Of course, those sites could just follow standards, and not do stupid things. Then they could ignore the UA string. I don't buy the bot-defense, either, because a bot can send any UA string it feels like.

Re:

[Luckyo]

Of course you could spend a lot of money on a lottery. But you don't, because it's not cost effective.

Same reason why those sites aren't "just going to follow standards". It's not cost effective.

Re:

[xalqor]

A lot of things can be handled with capability checking, but some things like opening external apps still require UA checking because the browsers haven't provided a way to detect the mechanism. Will the app open if you give the custom URL scheme like appname:// or will it open if you give the associated website URL? Is deep linking supported? Does the user have to long press the link? If yes and the user does a short press, what should the website do? And what is the right app store for this platform where

Re:

[thegarbz]

Yeah. Mozilla has far too many users now. Better to shed another million or so when this change breaks the internet in ways that non-techies don't understand beyond "Firefox is a broken browser"! /sarcasm

Re:

[drinkypoo]

Firefox has like no market share. Anything that messes with that is a problem for Firefox.

Of course, if they would stop dicking up the UI, stop dicking up the plugins interface, and fix major bugs like Firefox just fucking exploding without warning, error, etc. then I would be a lot happier.

What a joke.

[BAReFO0t]

I honestly think, if you're not using strict semantic version numbers, you're not a software engineer, but a hack.
It's "$softwareName $completeRewrites $compatibilityBreaks . $featureAdditions . $bugFixes . $builds". (I had to add spaces for /.'s stupid filter.)
E.g. Indiana Jones 4*, version 1.2.42.394.
The build number can be left away for external releases. The complete rewrites can also just mean a completely new name. Think of it like the number in movie titles.

Chrome and Firefox just mashed it all t

Make the numbers 20 random digits

[DrXym]

Let's see how many 3rd party metrics sites we can take out because they don't sanitize the values they shove in their databases.

Regex

[felixrising]

Can you even regex? Left/right trim vs regex. Fight!!!

A smart move

[Reemi]

When a website doesn't work, most people try another browser. If that one works, it is obvious for them that the browser is at fault and not the website. Here at Slashdot, we know better but the majority of users out there have no clue. So for Firefox to protect their market share, this is a necessary action.

How much testing do they need to do? If you ask me, they already made a large step. Just by announcing, major infrastructure operators and application developers will double check if this is going to be a problem for their software. This will prevent large scale outages, compare it with Y2K where there was so many hype that (almost) everything that needed to be fixed was fixed.

Can't imagine that this has cost Firefox much effort that otherwise could have been used to fix bugs. It is very well possible that this will free up capacity in the future.

Btw, I am getting a bit tired of all those people that claim --every Firefox related story-- not to be using Firefox and keep complaining of changes made versions ago. Get over it, enjoy your current browser of choice and let us have ours. Respect there are others with a different opinion and let them be.

Usual Firefox hate

[Anonymous Coward]

Usual Firefox hate.

There are a whole lot of /. posters who seem to have a vested interest in killing Firefox, so we end up with a Chrom* monoculture. I wonder what their motivation is? They've been working on this for years and seem *very* determined. /s

Re:

[RockDoctor]

I've just assumed they were paid shills of Microsoft (or whoever is selling Internet Explorer these days). Motivation comes, in the theatre-director's words, from the pay cheque in the pocket.