10 is the one
Friday, December 19, 2008 12:29:51 AM
Apparently a lot of trouble.
As Andrew Gregory already noticed, we're the first browser ever to release with a two-digit version number. If websites assume that version numbers always have a one-letter "major" part and look for a single digit, they are going to "detect" Opera 1!
Since we released the first preview of Opera 10, we're seeing the bug reports come in. Web sites go belly up because of their bad sniffing. Some of them aren't even ashamed of it..
Thanks, Bank of America. Do you feel like it's 1995 again? Yeah, me too.
You'd think that with the intense development Microsoft has been lavishing on live.com they would have found somebody capable of writing a usable browser sniffer (or ideally a person clever enough to say "wait, we don't really need one - what if we just use feature detection instead?"). Think again..
..and for further evidence that their backend version detection is an odd piece of software engineering, read their cookies closely - Opera 9.62's request first, then Opera 10:
GET /mail/browsersupport.aspx Host: co109w.col109.mail.live.com User-Agent: Opera/9.62 (Windows NT 5.1; U; en) Presto/2.2.0 Set-Cookie: BrowserSense=Win=1&Downlevel=0&WinIEOnly=0&Firefox=0&Opera=1&OperaVersion=9.2&Safari=0; domain=.live.com; path=/
GET /mail/browsersupport.aspx Host: co109w.col109.mail.live.com User-Agent: Opera/10.00 (Windows NT 5.1; U; en) Presto/2.2.0 Set-Cookie: BrowserSense=Win=1&Downlevel=1&WinIEOnly=0&Firefox=0&Opera=1&OperaVersion=&Safari=0; domain=.live.com; path=/
Did you spot the missing version value? We really confused them by adding 0.37 to our previous value, didn't we?
Speaking of cookies, they are the main reason we added the feature that lets you hide Opera's identity. Back then in 1996 or so, some sites would do browser sniffing and send cookies only to known browsers. On the next page, if you didn't serve it cookies the site would say "hey, you don't support cookies so go away". What would Joseph Heller make of that, I wonder?
So, rewind to meet the catch-22 server, re-born at Bank South Australia:
GET /InternetBanking/ HTTP/1.1 User-Agent: Opera/9.62 (Windows NT 5.1; U; en) Presto/2.1.1 Host: ibanking.banksa.com.au HTTP/1.1 200 OK Set-Cookie: JSESSIONID=000019WTazsWAk-lB38OrmKD3kR:13l3ifhnq;Path=/ Set-Cookie: bhCookieSess=1;Path=/ Set-Cookie: bhCookiePerm=1;Expires=Sat, 20-Dec-2008 23:35:40 GMT;Path=/
..and Opera 10..:
GET /InternetBanking/ HTTP/1.1 User-Agent: Opera/10.00 (Windows NT 5.1; U; en) Presto/2.2.0 Host: ibanking.banksa.com.au HTTP/1.1 200 OK Content-Type: text/html;charset=ISO-8859-1 Content-Language: en-AU Date: Thu, 18 Dec 2008 23:34:37 GMT Connection: close
Um, I'm hungry. Where are your cookies? Predictably the next page looks like this:
This is probably just the beginning.
Will the web ever learn?