This proposal seeks to align our implementation of GREASE in User Agent Client Hints with the current spec, which includes additional GREASE characters beyond the current semicolon and space, and which recommends varying the arbitrary version.
User-Agent GREASE is intended to discourage arbitrary user agent blocklists and other assumptions being built on top of the User-Agent header. A similar concept exists in TLS. This practice is currently implemented in Chromium, but today’s implementation differs slightly from the current spec. If implemented, this proposal would enable additional GREASE characters (the full list includes the following ASCII characters: 0x20 (SP), 0x28 (left parenthesis), 0x29 (right parenthesis), 0x2D (-), 0x2E (.), 0x2F (/), 0x3A (:), 0x3B (;), 0x3D (=), 0x3F (?), 0x5F (_)) and vary the arbitrary version over time. Note that the GREASE portion of the header would remain constant per major version, in accordance with the spec.
The prior inclusion of escaped ASCII 0x22 (double quote) and 0x5C (backslash) proved to be web incompatible and was rolled back. While we do not anticipate similar problems with the updated character list, we will take the following actions to validate this assumption:
Pre-launch testing of the new characters against known-common sites, which will include tests against the components known to have been incompatible with the prior implementation.
A phased rollout along with monitoring of HTTP 4XX response rates.
WebKit: No official position; mild positive signals.
Firefox: UA Client hints considered non-harmful
Is this feature fully tested by web-platform-tests?
We will be adding web-platform-tests to validate this functionality.
Link to entry on the Chrome Platform Status