Intent To Experiment: User-Agent Client Hints GREASE Update

Skip to first unread message

Matt Reichhoff

Jan 26, 2022, 5:18:56 PMJan 26
to blink-dev, Mike Taylor, Jade Kessler

Contact emails,,




We seek to align our implementation of GREASE in User Agent Client Hints with the current spec, which includes additional GREASE characters beyond the current semicolon and space, and which recommends varying the arbitrary version. This is to help prevent bad assumptions from being built on top of User-Agent strings.

This intent seeks approval to begin an experiment on stable at 1% with the m98 release. Due to a clerical error, the experiment is already running on m98 in beta. The goal is to determine whether the new spec is web compatible via a controlled experiment before we ship to stable.

Blink component


TAG review

TAG review status

In progress, but all raised issues addressed.


Interoperability and Compatibility

The prior inclusion (in 2020) of escaped ASCII 0x22 (double quote) and 0x5C (backslash) proved to be web incompatible and was rolled back. While we do not anticipate similar problems with the updated character list, we have taken (or will take) the following actions to validate this assumption:

  • Pre-launch testing of the new characters against known-common sites, which will include tests against the components known to have been incompatible with the prior implementation [COMPLETED].

  • Addition of an enterprise policy escape hatch [COMPLETE].

  • A phased rollout along with monitoring of HTTP 4XX response rates [PROPOSED HERE].

Gecko: Non-harmful (

WebKit: No signal

Web developers: No signals

Other signals: N/A

Goals for experimentation

A phased rollout is desired to ensure the changes to the spec are web-compatible. To that end, we will begin with 1% of users on stable, with monitoring of HTTP response codes to ensure the change is non-breaking.


N/A; no change required

Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

No (not on WebView or iOS)

Is this feature fully tested by web-platform-tests?


Flag name


Tracking bug

Estimated milestones

We anticipate this experiment starting in M98 and running for 2 milestones, but it could extend if the data is inconclusive. We are most concerned about website tail behavior with this change, which can make data gathering slower than we’d like.

Link to entry on the Chrome Platform Status

Links to previous Intent discussions

Intent to prototype:

Mike West

Feb 1, 2022, 4:45:02 AMFeb 1
to blink-dev, Matt Reichhoff, Mike Taylor, Jade Kessler
LGTM to experiment with this change on a small percentage of stable in M98 and M99. Presumably you'll be keeping an eye on metrics and bug reports to roll it back in case unexpected incompatibility is discovered.

Out of curiosity, what is the new character set with which you'll be working? The spec link was fairly generic, describing a strategy rather than an algorithm.


Matt Reichhoff

Feb 1, 2022, 10:01:18 AMFeb 1
to Mike West, blink-dev, Mike Taylor, Jade Kessler
Thanks for the response! Yes, we will be keeping an eye on metrics and bug reports.

In terms of the character set, it is defined here:
It includes: 0x20 (SP), 0x28 (left parenthesis), 0x29 (right parenthesis), 0x2D (-), 0x2E (.), 0x2F (/), 0x3A (:), 0x3B (;), 0x3D (=), 0x3F (?), 0x5F (_). The prior implementation included only space (0x20) and semicolon (0x3B).

Mike Taylor

Feb 1, 2022, 10:25:05 AMFeb 1
to Matt Reichhoff, Mike West, blink-dev, Jade Kessler
And in case anyone wonders: why those ones in particular? It's everything that's allowed inside an sf-string, except escaped "\" and escaped DQUOTE (because we know those make WAFs very, very sad).
Reply all
Reply to author
0 new messages