dstiles - 11:01 pm on Feb 7, 2012 (gmt 0)
Samizdata - I agree the UA is not proof of the client type or use but if my system can't recognise it as a valid browser it's rejected - is that a better word than die? :)
Lucy - turns out I'm worng on 127 - it was 256 BUT...
From an MSDN blog Feb 2010:
"For security reasons, ASP.NET (1.1 and 2.0) limited the maximum length of User-Agent strings to 256 characters. We have released fixes that ASP.NET recognize User-Agent strings that contain as many as 512 characters.
FIX: You cannot browse an ASP.NET 1.1 Web site if the User-Agent string that is in the browser contains more than 256 characters"
From a 2009 MSDN blog:
"In IE7 and below, if the UA string grows to over 260 characters, the navigator.userAgent property is incorrectly computed."
Which could well be the problem with all of the multiple mozilla inclusions etc.
Also from the same blog:
"Many websites will return only error pages upon receiving a UA header over a fixed length (often 256 characters)"
"Notably, the RFC does not define a maximum length for the header value"
So my original 127 was incorrect and what I thought was an RFC limitation turns out to be a browser limitation.
I would certainly kill the rat. The + signs, by the way, are probably spaces as seen in querystrings etc.