On Windows, platform version string should be sufficient to differentiate betwee...
source link: https://github.com/WICG/ua-client-hints/issues/220
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Windows historically updated the major or minor version number with each significant OS release. As a result, the "Windows NT ." component of the UA string was sufficient for sites to know how to send appropriate installers targeting each OS release.
As of Windows 10, though, Windows has essentially frozen the major and minor build number. As a result, this logic is no longer able to work across different Win10 releases even as we approach the 6th anniversary of the first Win10 release.
For OS X, we're already exposing a similar level of detail in terms of version numbers across releases.
With the UA string, it would have been unsafe from a compat perspective to add a third version component since it would have broken many existing UA string parsers. With UA Client Hints, we have an opportunity to add this functionality back.
There's obviously a bit more entropy here, but this version component has only been changing about twice a year and with the Windows install base it's not particularly unique. Since this isn't a header included by default, we can also consider it as an input into any future "privacy budget" schemes.
So, in short: I think we should have browsers expose major.minor.build in Sec-CH-UA-Platform-Version on Windows clients. e.g. instead of "10.0" it would say something like "10.0.19042" (for "20H2").
This is possibly not really an issue to resolve here on the spec, but if we have general agreement we could at have at least one of the examples demonstrate this.
Recommend
-
12
April 13, 2021
-
10
VPNs are No More Sufficient to Protect Your Privacy on the WebApril 30th 2021 new story9
-
8
Security Fiasco: Why small is necessary but not sufficient for security 2014/12/23 “Small is beautiful” is nowhere more true than it is in security. The smaller a sys...
-
6
A forenoteThis blog post has some examples of questionable quality. This should not be meant as an attack on those projects. The issues listed here are fairly widespread, these are just the examples I ran into while doing other work....
-
14
Search Questions and Answers
-
10
Sufficient Decentralization for Social NetworksEvery year, centralized social networks place more restrictions on what users and developers can do. They seem to believe that limiting choices is the path to a healthy network, while the opp...
-
5
TLDR: ZFS free-space reporting is a lagging indicator. Background I...
-
7
Why Is America Still Buying Saudi Oil When We Could Be Self Sufficient?We can tell Saudi Arabia’s dictator and the most predatory oil companies to go screw themselves at the same time we do the best thing for an average...
-
5
Sabrent dual NVMe SSD docking station review: Lots of storage, sufficient speed
-
5
Rep. Schiff Says There's 'Sufficient Evidence' to Charge Trump ...
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK