gislikonrad

Reputation: 3591

Are there any mechanisms to detect whether a request is coming from a system-level mobile browser?

This is a security-related question. Say I have an app that wants to show a web page served from a web server. Is there some mechanism for the server to detect whether the request is coming from the system-level browser or from an embedded or in-app browser? Are there any specific headers that the system browsers and/or in-app browsers send, other than the user-agent? Are there any security headers the server can send to block the rendering in in-app browsers?

Upvotes: 0

Views: 154

Answers (1)

Gabe Sechan

Reputation: 93726

No, and it's not possible. You're relying on the client on the remote device sending you accurate data and not lying. If you're using this for security, you can't do that. The attacker will lie. At best, you could eliminate some browsers who are being honest, but you won't be able to eliminate actually malicious attacks like this.

As for sending a security header from the server: why would any browser honor that? They'd ignore it instantly. I'm not even sure what advantage you think you're going to get from this. Why do you think it matters if it's an embedded or non-embedded browser? Why do you think there's any fundamental difference between them?

Upvotes: 1
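The limitation described in the answer above, as an added example (not part of the original question or answer): a server-side classifier built on request headers can only label honest clients, because every input it reads is chosen by the client. The marker heuristics (the Android WebView `wv` token, a non-XHR `X-Requested-With` value, a missing `Safari/` token on iOS) and all header values are assumptions constructed for illustration.

```python
import re

# Heuristic markers (assumptions of this example, not guarantees):
# Android WebView puts a "wv" token in the UA platform section and often
# sends X-Requested-With with the host app's package name; the default
# iOS WKWebView UA lacks the trailing "Safari/" token.
ANDROID_WV = re.compile(r"\(Linux; Android [^)]*;\s*wv\)")
IOS_DEVICE = re.compile(r"\((?:iPhone|iPad|iPod);")


def classify(headers):
    """Return an ADVISORY label derived from client-supplied headers."""
    h = {k.lower(): v for k, v in headers.items()}
    ua = h.get("user-agent", "")
    xrw = h.get("x-requested-with", "")
    if not ua:
        return "unknown"
    if ANDROID_WV.search(ua):
        return "embedded"
    if xrw and xrw.lower() != "xmlhttprequest":
        return "embedded"
    if IOS_DEVICE.search(ua) and "Safari/" not in ua:
        return "embedded"
    # Never "verified system browser": the headers prove nothing.
    return "system-or-spoofed"


# Constructed sample requests.
CHROME_UA = ("Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36 "
             "(KHTML, like Gecko) Chrome/116.0.0.0 Mobile Safari/537.36")
SAMPLES = {
    "honest_android_webview": {
        "User-Agent": ("Mozilla/5.0 (Linux; Android 13; Pixel 7 Build/TQ3A; wv) "
                       "AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 "
                       "Chrome/116.0.0.0 Mobile Safari/537.36"),
        "X-Requested-With": "com.example.app"},
    "honest_ios_wkwebview": {
        "User-Agent": ("Mozilla/5.0 (iPhone; CPU iPhone OS 16_6 like Mac OS X) "
                       "AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148")},
    "system_chrome": {"User-Agent": CHROME_UA},
    # Same embedded client as the first sample, presenting different headers.
    "embedded_presenting_chrome_ua": {"User-Agent": CHROME_UA},
}


def run_samples():
    return {name: classify(hdrs) for name, hdrs in SAMPLES.items()}


if __name__ == "__main__":
    for name, label in run_samples().items():
        print(f"{name}: {label}")
```

The last two samples are byte-identical on the wire, so the label is usable for analytics or UX hints but not as an access-control decision.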
