堆栈内存溢出
  简体   繁体   English

修改用户代理 header 时是否可以检测真实操作系统名称

[英]Is it possible to Detect Real OS name when the User-Agent header is modified

 原文  2020-08-09 06:05:24       javascript/ reactjs/ user-agent

问题描述

Is there anyway except to find the real OS name of the user?除了找到用户的真实操作系统名称之外,还有其他方法吗?

I need to know if my client are changing their OS name in user-agent header.我需要知道我的客户是否在用户代理 header 中更改其操作系统名称。

2 个解决方案

解决方案1
 1 已采纳  2020-08-09 06:35:08

No.不。

Think of the problem this way.这样想问题。 There are two remote parties communicating with each other over a single channel.有两个远程方通过单个通道相互通信。 One party sends a message "My name is Peter".一方发送消息“我的名字是彼得”。 Now there is no way the other party to verify the truthfulness of this information unless another authoritarian service which is capable of verifying the details of the parties via an external means is making it mandatory for the first two parties to register themselves.现在,对方无法验证这些信息的真实性,除非另一个能够通过外部方式验证各方详细信息的权威服务机构强制前两方进行自我注册。

Unfortunately the Internet protocols are designed to operate in the client-server realm.不幸的是,互联网协议被设计为在客户端-服务器 realm 中运行。 This means there are no mandatory authoritarian parties which regulate any given communication happening between two individual parties.这意味着没有强制性的威权政党来规范两个单独政党之间发生的任何特定通信。

The only savior of information verification is cryptography.信息验证的唯一救星是密码学。 There two it cannot be applied to all sorts of verifications.有两个它不能应用于所有类型的验证。 Cryptography can be used to overcome problems such as Two Generals Paradox - that is to verify the information received from one party is not intercepted and modified during the course of communication.密码学可以用来克服两将悖论等问题——即验证从一方接收到的信息在通信过程中没有被截获和修改。 But there is no feasible solution in the current Internet protocol design to verify information as fundamental as those originated from a source which is not in a domain where the destination has any control over.但是在当前的 Internet 协议设计中没有可行的解决方案来验证信息,这些信息与源自不受目的地控制的域中的源一样基本的信息。

解决方案2
 1  2020-08-09 06:55:40

If the client runs Javascript, and you're willing to live with somewhat unreliable results, you can detect their browser's features to make a fairly well-informed guess, and in some cases infer the OS (eg if you detect IE or Edge, there's a good chance they're running Windows).如果客户端运行 Javascript,并且您愿意忍受一些不可靠的结果,您可以检测他们的浏览器功能以做出相当有根据的猜测,并在某些情况下推断操作系统(例如,如果您检测到 IE 或 Edge,则很有可能他们正在运行 Windows)。 However, it's still subject to being spoofed.但是,它仍然受到欺骗。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 是否可以使用Chrome欺骗用户代理和操作系统? - Is possible to spoof user-agent and OS with Chrome? 如何使用修改的User-Agent标头javascript或php进行跨源Http发布请求? - How to make a cross origin Http post request with modified User-Agent header javascript or php? jplayer自定义用户代理HTTP标头 - jplayer custom user-agent http header 使用 window.navigator 时显示的用户代理不正确 - 与 http 标头不匹配 - Incorrect user-agent displayed when using window.navigator - does not match http header 哪种方法可以更好地检测客户端的用户代理? - Which is a better way to detect a client's user-agent? 仅自动检测移动浏览器(通过用户代理?)而不检测平板电脑 - Auto detect only mobile browser (via user-agent?) not tablet 如何更改请求标头(用户代理)中的客户端信息? - How to change the client informations in the request header (User-Agent)? 如何将浏览器用户代理 Header 更改为 javaScript? - How to change browser User-Agent Header with javaScript? Salesforce拒绝设置不安全的标题“ User-Agent” - Salesforce Refused to set unsafe header “User-Agent” 如何用js获取HTTP user-agent header? - How to get HTTP user-agent header with js?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM