White Hat Institute

Mozilla warns that the ‘100’ user agents in Chrome and Firefox may crash websites

Firefox and Chrome 100 versions
Retrieved from iphonesoft.fr

Mozilla has issued a warning to web developers that the future Firefox 100 and Chrome 100 versions may cause problems when processing user-agent strings with three-digit version numbers. A user-agent string is a sequence that a web browser uses to store details about the software, such as the browser’s name, version number, and the technologies it employs.

The browser’s user-agent is transmitted together with the request for a web page when a client access a website. This enables the web page to determine the visitor’s browser version and tailor its response to the features that the browser supports.

Mozilla Firefox version 97, for example, has the following user-agent:

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:97.0) Gecko/20100101 Firefox/97.0

The user-agent for the current version of Google Chrome 98 is:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36

Mozilla conducted an experiment in August 2021 to determine if the three-digit ‘Firefox/100’ user-agent string would create website complications. Google quickly responded with their own Chrome 100 test. In all studies, Mozilla and Google discovered that when processing a user-agent string including a three-digit version number, some of the websites did not work properly.

Ever since, Mozilla has been tracking web defects caused by the version 100 upgrade and has discovered issues on HBO Go, Bethesda, Yahoo, Slack, and Duda website builder websites. The majority of the time, these flaws have ranged from websites declaring that the browser is incompatible to user interface flaws affecting certain areas of the site.

“Different browsers use different formats for the User-Agent string, and site-specific User-Agent processing, because there is no uniform specification to follow. Some parser libraries may have hard-coded assumptions or defects that do not take three-digit major version numbers into account“ Mozilla discusses the planned changes to user agents in a recent blog post. “When browsers switched to two-digit version numbers, many libraries upgraded their parsing logic, so the three-digit milestone is expected to cause fewer issues.”

Until the browsers are published on March 29 for Chrome and May 3 for Firefox, Mozilla and Google will continue to undertake experiments for version 100 user-agents. If issues with sites arise that Mozilla or Google are unable to resolve before the distribution of these upgrades, both Google and Mozilla have backup procedures in place to ensure that the sites are not impacted.

Mozilla has a site interventions feature for Firefox that allows you to solve bugs by freezing the user-agent at Firefox/99 or injecting CSS or other overrides. Likewise, Chrome intends to set the user-agent string version to 99 for problematic sites and indicate the actual version in another portion of the user-agent string.

Mozilla advises web developers and administrators to see if switching to the Firefox 100 and Chrome 100 user-agents breaks their sites. This can be accomplished by following the steps below:

Set the major version number to 100 in Firefox Nightly.

  • Open the Settings menu in Firefox Nightly.
  • Check the “Firefox 100 User-Agent String” option after searching for “Firefox 100.”

When enabled, the user-agent string in Firefox will be changed to:

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0

Set Chrome to reflect the major version number as 100.

  • Go to chrome:/flags/#force-major-version-to-100 for more information.
  • Select ‘Enabled’ from the drop-down menu.

When enabled, the user-agent string in Chrome will be changed to:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4758.102 Safari/537.36

If a problem is discovered, Mozilla recommends that developers post a report on webcompat.com so that any concerns can be addressed in a timely manner.