是否允许使用伪造的用户代理? [英] Is using a faked user agent allowed?
问题描述
我想知道是否允许伪造用户代理以假装我的脚本是 safari 或任何其他浏览器?如果我在脚本中伪造了用户代理,我会遇到麻烦吗?我指的不是像我的脚本"这样的自定义代理,我指的是属于Mozilla/5.0(Macintosh;Intel Mac OS X 10_9_1)AppleWebKit/537.73.11(KHTML,如 Gecko)"等浏览器的用户代理版本/7.0.1 Safari/537.73.11"?
I was wondering if it is allowed to fake the user agent to pretend that me script is safari or any other browser? Can I get into trouble if I faked the user agent in my script? I don't mean a custom one such as "My Script", I mean a user agent which belongs to a browser like "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.73.11 (KHTML, like Gecko) Version/7.0.1 Safari/537.73.11"?
推荐答案
我认为这取决于上下文.如果您试图通过操纵用户代理 HTTP 标头来获得对信息的未经授权的访问,则这可能被认为是非法的.同样的原则也适用于操作 Cookie HTTP 标头.在这种情况下,检察官可能会将其标记为黑客行为".
I'd say it depends on the context. It might be considered illegal if you are trying to gain unauthorized access to information by manipulating the user-agent HTTP header. This same principle could also apply to manipulating Cookie HTTP header. In this context, the prosecutor may label it as "hacking".
当安德鲁·艾伦·埃舍尔·奥恩海默(Andrew Alan Escher Auernheimer)(又名 Weev)最近因入侵"AT&T 网站而被起诉并被定罪时,检察官不断重复他欺骗"iPad(通过伪造的用户代理)标头)表明恶意/不正当意图.我不确定这些检察官是否会说这种欺骗行为本身就是完全非法的,但这是让他被定罪的部分原因,因此绝对应该考虑到这一点.
When Andrew Alan Escher Auernheimer (known as Weev), was recently prosecuted and convicted of "hacking" AT&T's website, the prosecutors kept repeating over and over that his "spoofing" of an iPad (via a forged User-Agent header) was an indication of malicious/devious intent. I'm not sure if those same prosecutors would say such spoofing is outright illegal just on its own, but it was part of what got him convicted, so that should definitely be taken into consideration.
如果您要伪造用户代理,假设要调试网站在 iPad 上的显示方式,这并不违法.Chrome、Internet Explorer等浏览器厂商现在都有修改用户代理权限的功能浏览器内部!
If you're going to fake user agent let's say to debug how a site will be displayed on an iPad, this is not illegal. Browser vendors such as Chrome, Internet Explorer has now a feature to modify the user agent right inside the browser!
这篇关于是否允许使用伪造的用户代理?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
