diff --git a/files/en-us/web/http/client_hints/index.md b/files/en-us/web/http/client_hints/index.md index 146bb6648261c34..b87744b4c138473 100644 --- a/files/en-us/web/http/client_hints/index.md +++ b/files/en-us/web/http/client_hints/index.md @@ -63,10 +63,16 @@ For example, to stop requesting any hints it would send `Accept-CH` with an empt ## Low entropy hints Client hints are broadly divided into high and low entropy hints. - The low entropy hints are those that don't give away much information that might be used to create a [fingerprinting](/en-US/docs/Glossary/Fingerprinting) for a user. They may be sent by default on every client request, irrespective of the server `Accept-CH` response header, depending on the permission policy. -These hints include: {{HTTPHeader("Save-Data")}}, {{HTTPHeader("Sec-CH-UA")}}, {{HTTPHeader("Sec-CH-UA-Mobile")}}, {{HTTPHeader("Sec-CH-UA-Platform")}}. +Low entropy hints are: + +- {{HTTPHeader("Save-Data")}}, +- {{HTTPHeader("Sec-CH-UA")}}, +- {{HTTPHeader("Sec-CH-UA-Mobile")}}, and +- {{HTTPHeader("Sec-CH-UA-Platform")}}. + +## High entropy hints The high entropy hints are those that have the potential to give away more information that can be used for user fingerprinting, and therefore are gated in such a way that the user agent can make a decision whether to provide them. The decision might be based on user preferences, a permission request, or the permission policy. diff --git a/files/en-us/web/http/headers/sec-ch-ua-arch/index.md b/files/en-us/web/http/headers/sec-ch-ua-arch/index.md index af073d849a28811..52e0f6830128fe7 100644 --- a/files/en-us/web/http/headers/sec-ch-ua-arch/index.md +++ b/files/en-us/web/http/headers/sec-ch-ua-arch/index.md @@ -55,7 +55,7 @@ The client may choose to provide the hint, and add the `Sec-CH-UA-Arch` header t For example, on a Windows X86 based computer, the client might add the header as shown: ```http -GET /GET /my/page HTTP/1.1 +GET /my/page HTTP/1.1 Host: example.site Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" diff --git a/files/en-us/web/http/headers/sec-ch-ua-bitness/index.md b/files/en-us/web/http/headers/sec-ch-ua-bitness/index.md index 81023cc2c052c6f..73ae8f87b1fbc19 100644 --- a/files/en-us/web/http/headers/sec-ch-ua-bitness/index.md +++ b/files/en-us/web/http/headers/sec-ch-ua-bitness/index.md @@ -56,7 +56,7 @@ The client may choose to provide the hint, and add the `Sec-CH-UA-Bitness` heade For example, on a Windows based 64-bit computer, the client might add the header as shown: ```http -GET /GET /my/page HTTP/1.1 +GET /my/page HTTP/1.1 Host: example.site Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" diff --git a/files/en-us/web/http/headers/sec-ch-ua-form-factors/index.md b/files/en-us/web/http/headers/sec-ch-ua-form-factors/index.md new file mode 100644 index 000000000000000..28c21abe38173df --- /dev/null +++ b/files/en-us/web/http/headers/sec-ch-ua-form-factors/index.md @@ -0,0 +1,96 @@ +--- +title: Sec-CH-UA-Form-Factors +slug: Web/HTTP/Headers/Sec-CH-UA-Form-Factors +page-type: http-header +status: + - experimental +spec-urls: https://wicg.github.io/ua-client-hints/#sec-ch-ua-form-factors +--- + +{{HTTPSidebar}}{{SecureContext_Header}} + +The HTTP **`Sec-CH-UA-Form-Factors`** {{Glossary("request header")}} is a [user agent client hint](/en-US/docs/Web/HTTP/Client_hints#user-agent_client_hints) which provides information on the user-agent's device form factor. + + + + + + + + + + + + +
Header type + {{Glossary("Request header")}}, + Client hint +
{{Glossary("Forbidden header name")}}Yes (Sec- prefix)
+ +## Syntax + +```http +Sec-CH-UA-Form-Factors: +Sec-CH-UA-Form-Factors: , …, +``` + +### Directives + +- `` + - : A string indicating a common device form factor. + All applicable form factors can be included. + The meanings of the allowed values are: + - `"Desktop"` + - : A user-agent running on a personal computer. + - `"Automotive"` + - : A user-agent embedded in a vehicle, where the user may be responsible for operating the vehicle and unable to attend to small details. + - `"Mobile"` + - : Small, touch-oriented device typically carried on a user's person. + - `"Tablet"` + - : A touch-oriented device larger than `"Mobile"` and not typically carried on a user's person. + - `"XR"` + - : Immersive devices that augment or replace the environment around the user. + - `"EInk"` + - : A device characterized by slow screen updates and limited or no color resolution. + - `"Watch"` + - : A mobile device with a tiny screen (typically less than 2 inches), carried in such a way that the user can glance at it quickly. + +## Examples + +### Using Sec-CH-UA-Form-Factors + +A server requests the `Sec-CH-UA-Form-Factors` header by including the {{HTTPHeader("Accept-CH")}} in a _response_ to any request from the client, using the name of the desired header as a token: + +```http +HTTP/1.1 200 OK +Accept-CH: Sec-CH-UA-Form-Factors +``` + +The client may choose to provide the hint, and add the `Sec-CH-UA-Form-Factors` header to subsequent requests. +For example, the client might add the header as shown: + +```http +GET /my/page HTTP/1.1 +Host: example.site + +Sec-CH-UA-Mobile: ?0 +Sec-CH-UA-Form-Factors: "EInk" +``` + +In this case, `"EInk"` means that the device is characterized by slow screen updates and limited color resolution, and as such, responses may differ depending on this hint. + +## Specifications + +{{Specifications}} + +## Browser compatibility + +{{Compat}} + +## See also + +- [Client hints](/en-US/docs/Web/HTTP/Client_hints) +- [User-Agent Client Hints API](/en-US/docs/Web/API/User-Agent_Client_Hints_API) +- {{HTTPHeader("Accept-CH")}} +- [HTTP Caching: Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}} header +- [Improving user privacy and developer experience with User-Agent Client Hints](https://developer.chrome.com/docs/privacy-security/user-agent-client-hints) on developer.chrome.com diff --git a/files/en-us/web/http/headers/sec-ch-ua-full-version/index.md b/files/en-us/web/http/headers/sec-ch-ua-full-version/index.md index 85106f96cfc6db2..aad4e8ec214dff0 100644 --- a/files/en-us/web/http/headers/sec-ch-ua-full-version/index.md +++ b/files/en-us/web/http/headers/sec-ch-ua-full-version/index.md @@ -56,7 +56,7 @@ The client may choose to provide the hint, and add the `Sec-CH-UA-Full-Version` For example, the client might add the header as shown: ```http -GET /GET /my/page HTTP/1.1 +GET /my/page HTTP/1.1 Host: example.site Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" diff --git a/files/en-us/web/http/headers/sec-ch-ua-model/index.md b/files/en-us/web/http/headers/sec-ch-ua-model/index.md index b04595f4a3df0cf..da9f824b59cc426 100644 --- a/files/en-us/web/http/headers/sec-ch-ua-model/index.md +++ b/files/en-us/web/http/headers/sec-ch-ua-model/index.md @@ -53,7 +53,7 @@ The client may choose to provide the hint, and add the `Sec-CH-UA-Model` header For example, on mobile phone the client might add the header as shown: ```http -GET /GET /my/page HTTP/1.1 +GET /my/page HTTP/1.1 Host: example.site Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" diff --git a/files/en-us/web/http/headers/sec-ch-ua-platform-version/index.md b/files/en-us/web/http/headers/sec-ch-ua-platform-version/index.md index 3dccafdab58f050..2e09ba39d8bb652 100644 --- a/files/en-us/web/http/headers/sec-ch-ua-platform-version/index.md +++ b/files/en-us/web/http/headers/sec-ch-ua-platform-version/index.md @@ -54,7 +54,7 @@ The client may choose to provide the hint, and add the `Sec-CH-UA-Platform-Versi For example, the following request headers might be sent from a browser running on Windows 10. ```http -GET /GET /my/page HTTP/1.1 +GET /my/page HTTP/1.1 Host: example.site Sec-CH-UA: " Not A;Brand";v="99", "Chromium";v="96", "Google Chrome";v="96" diff --git a/files/en-us/web/http/headers/sec-ch-ua-wow64/index.md b/files/en-us/web/http/headers/sec-ch-ua-wow64/index.md new file mode 100644 index 000000000000000..90b112275e1c021 --- /dev/null +++ b/files/en-us/web/http/headers/sec-ch-ua-wow64/index.md @@ -0,0 +1,81 @@ +--- +title: Sec-CH-UA-WoW64 +slug: Web/HTTP/Headers/Sec-CH-UA-WoW64 +page-type: http-header +status: + - experimental +spec-urls: https://wicg.github.io/ua-client-hints/#sec-ch-ua-wow64 +--- + +{{HTTPSidebar}}{{SecureContext_Header}} + +The HTTP **`Sec-CH-UA-WoW64`** {{Glossary("request header")}} is a [user agent client hint](/en-US/docs/Web/HTTP/Client_hints#user-agent_client_hints) indicating if a 32-bit User-Agent application is running on a 64-bit Windows machine. + +[WoW64](https://en.wikipedia.org/wiki/WoW64) was commonly used to know which NPAPI plugin installer should be offered for download. +This client hint header is used for backwards compatibility considerations, to provide a one-to-one mapping from the User-Agent string of certain browsers to UA client hints. + + + + + + + + + + + + +
Header type + {{Glossary("Request header")}}, + Client hint +
{{Glossary("Forbidden header name")}}Yes (Sec- prefix)
+ +## Syntax + +```http +Sec-CH-UA-WoW64: +``` + +### Directives + +- `` + - : `?1` means the user agent's binary is running in 32-bit mode on 64-bit Windows (true) and `?0` means the inverse (false). + +## Examples + +### Using Sec-CH-UA-WoW64 + +A server requests the `Sec-CH-UA-WoW64` header by including the {{HTTPHeader("Accept-CH")}} in a _response_ to any request from the client, using the name of the desired header as a token: + +```http +HTTP/1.1 200 OK +Accept-CH: Sec-CH-UA-WoW64 +``` + +The client may choose to provide the hint, and add the `Sec-CH-UA-WoW64` header to subsequent requests. +Adding `Sec-CH-UA-WoW64: ?1` means the user agent's binary is running in 32-bit mode on 64-bit Windows: + +```http +GET /my/page HTTP/1.1 +Host: example.site + +Sec-CH-UA-WoW64: ?1 +Sec-CH-UA-Platform: "Windows" +Sec-CH-UA-Form-Factors: "Desktop" +``` + +## Specifications + +{{Specifications}} + +## Browser compatibility + +{{Compat}} + +## See also + +- [Client hints](/en-US/docs/Web/HTTP/Client_hints) +- [User-Agent Client Hints API](/en-US/docs/Web/API/User-Agent_Client_Hints_API) +- {{HTTPHeader("Accept-CH")}} +- [HTTP Caching: Vary](/en-US/docs/Web/HTTP/Caching#vary) and {{HTTPHeader("Vary")}} header +- [Improving user privacy and developer experience with User-Agent Client Hints](https://developer.chrome.com/docs/privacy-security/user-agent-client-hints) on developer.chrome.com