most of you already know this.

tldr - inferring system requirements from the "user-agent" http header
is useless/dangerous/silly, and your site/page stop (nothing new
here...not sure why certain sites trust the user-provided data).

This is not OpenBSD specific, but hopefully helpful for anyone wanting
their system to "just work" when accessing a site requiring a certain
operating system, or browser.

Here are some details for those who might be suffering from the same
stupid "required operating systems" limitation my bank imposes...

Given:
- the bank has an HTTP interface
- the bank "requires" a specific browser/version
- the bank "requires" a specific set of closed-source operating systems
- OpenBSD ships recent browsers (chromium, firefox, etc)

Problem:
When logging into said financial institution, the page declines to
work correctly because I don't have an operating system on their list.

Solution:
Spoof (add/modify) the "user-agent" HTTP header (via browser plugin, for
example), to include a common user-agent used by one of the
aforementioned "required operating systems".  This seems to work, for
me, at my bank:

Mozilla/5.0 (iPhone; CPU iPhone OS 9_2 like Mac OS X) AppleWebKit/601.1 (KHTML, like Gecko) CriOS/47.0.2526.70 Mobile/13C71 Safari/601.1.46

Why this works:
Your browser sends a user-agent with browser/OS details in the
request.  This means you can modify those details before you send your
request.  Effectively, it's an unverified claim.  So take advantage of
it, and claim what you want/need. :)

Bryan
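
Added example, not part of the original post: a toy server on localhost that decides "supported system" purely from the User-Agent header, showing why such a check is not an access control. The allowlist tokens, the handler and the function names are assumptions for illustration; only the iPhone user-agent string comes from the post.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# User-agent string quoted in the post above.
CLAIMED_UA = ("Mozilla/5.0 (iPhone; CPU iPhone OS 9_2 like Mac OS X) "
              "AppleWebKit/601.1 (KHTML, like Gecko) CriOS/47.0.2526.70 "
              "Mobile/13C71 Safari/601.1.46")
# Constructed sample of what an unmodified client might send.
HONEST_UA = "Mozilla/5.0 (X11; OpenBSD amd64) constructed-sample"
# Hypothetical allowlist of "required operating system" tokens (assumption).
SUPPORTED_TOKENS = ("Windows NT", "Mac OS X")

class GateHandler(BaseHTTPRequestHandler):
    """Toy site that trusts the User-Agent header as a platform check."""

    def do_GET(self):
        ua = self.headers.get("User-Agent", "")
        ok = any(tok in ua for tok in SUPPORTED_TOKENS)
        self.send_response(200 if ok else 403)
        self.end_headers()
        self.wfile.write(b"welcome\n" if ok else b"unsupported system\n")

    def log_message(self, *args):  # keep the demo quiet
        pass

def status_for(port, user_agent):
    """Return the HTTP status the server gives for this claimed User-Agent."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    try:
        conn.request("GET", "/", headers={"User-Agent": user_agent})
        return conn.getresponse().status
    finally:
        conn.close()

def run_demo():
    """Same client, same machine; only the claim in the header differs."""
    server = HTTPServer(("127.0.0.1", 0), GateHandler)  # port 0: any free port
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        port = server.server_port
        return status_for(port, HONEST_UA), status_for(port, CLAIMED_UA)
    finally:
        server.shutdown()
        server.server_close()

if __name__ == "__main__":
    print(run_demo())
```

The server has no way to tell the two requests apart other than the header the client chose to send, so the check only filters out clients that tell the truth.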
