Identify as Zotero in User-Agent header

edited January 14, 2023
This discussion was created from comments split from: Webdav problems (Webdav server by PowerFolder).
  • the user-agent header is supposed to identify the, doh, user-agent

    if zotero pretends to be firefox 60 (released may 2018) it will most likely be detected as a bot or malicious stuff.

    you can come and say that user-agent header is not even mandatory, but in that case why preted to be firefox? oh wait, more providers would block an empty user-agent.

    what if zotero would identify itself via the user-agent header?
  • If you're having some problem, just say what it is, and we'll discuss it. The thread you posted to was about some broken WebDAV software and a very confused support person from the provider, so continuing that discussion isn't useful. I've moved this to a new thread.

    Zotero uses different User-Agent strings in different situations, and the primary goal is to keep its requests from getting blocked.

    When you save from the Zotero Connector and the Zotero app performs the PDF download, it identifies as your browser, since otherwise many sites would block the requests.

    When it makes requests on its own (e.g., Add Item by Identifier), it identifies as the Firefox version it's based on, since that's the browser engine, and a custom user-agent string would be more likely to get blocked. Zotero 7 will identify as Firefox 102, since that's what it will be based on. It might be reasonable/responsible to add "Zotero/[version]" to the end of the UA string in this case, but Zotero is generally making requests on behalf of users and is designed to function like a web browser on sites that are often trying to block bots, so we don't want to do anything that increases the chances of getting blocked.

    As I say in that thread, I think it would be appropriate for Zotero to use a custom UA string for WebDAV requests, but that WebDAV server was just broken.

    But millions of people use Zotero, and obviously most of its requests aren't being blocked.

    So what's the issue you're experiencing?
Sign In or Register to comment.