Page MenuHomePhabricator

Implement an option to highlight non-standard user-agent strings in CheckUser
Open, MediumPublic

Description

{{draft}}

User story:

As a CheckUser, it would be helpful if non-standard user-agent strings are flagged/highlighted so it is easier to spot spoofed user agents.

Implementation plan:

TBD

Event Timeline

Niharika triaged this task as Medium priority.Oct 8 2019, 5:52 PM
Niharika created this task.
Restricted Application added subscribers: Liuxinyu970226, Aklapper. · View Herald TranscriptOct 8 2019, 5:52 PM
Huji added a subscriber: Huji.Oct 8 2019, 10:21 PM

T184075 was an attempt in this regard. I have the result of that analysis somewhere.

T184075 was an attempt in this regard. I have the result of that analysis somewhere.

That would indeed be helpful to see. My first thought was that we can flag UAs which don't contain expected keywords (for example "Chrome" or "Webkit") but I guess if someone is spoofing a UA to evade a check, they would probably try and mimic a real-UA as much as possible, right?

@Ladsgroup Your thoughts on this ticket are also welcome!

For this, it seems doing it on flay and frontend make sense.

I'm pretty sure there are libraries that parse UA and tell you if it belongs to a human user or not. They are widely needed in routing and analytics. Varnish uses something (don't know what exactly) to fill webrequest fields like access_method, agent_type, and user_agent_map. Let me search for something like this for javascript (we can't use npm packages in production though 😢)