Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

RESTful API: require user agent string?

Tags:

rest

user-agent

My team has a web site with a RESTful API. We're is working on load testing it, so we've built a small console app to hammer it with requests. This console app does not set the user agent string, and that is causing an error in our API because it is a required field in our database.

So, should I make the API extra robust and simply use a default string (i.e. "unknown") if a user agent isn't included in the request? Or, should I return a 400 Bad Request response in this situation? I know either is possible, but I'm looking for the standard way to do this.

like image 406
MikeWyatt Avatar asked Jun 06 '11 16:06

MikeWyatt

People also ask

What is user agent in REST API?

The User-Agent request header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent.

Is user agent header required?

All API-connecting software must include the HTTP User-Agent header to identify itself in the requests that it sends. To be more specific, interface.

Is User Agent a string?

A browser's User-Agent string (UA) helps identify which browser is being used, what version, and on which operating system. When feature detection APIs are not available, use the UA to customize behavior or content to specific browser versions.

What does a user agent string contain?

The User-Agent (UA) string is contained in the HTTP headers and is intended to identify devices requesting online content. The User-Agent tells the server what the visiting device is (among many other things) and this information can be used to determine what content to return.

1 Answers

Since the User-Agent header is not absolutely required to be present within HTTP requests (the spec says the header SHOULD be there, rather than MUST), your API would be more robust if it could handle it not being present.

That said, it would probably be good for your test app to pass a User-Agent identifier of "test app" or something, just so you could track it in your database, or to throttle or profile your test traffic.

I would caution you not to use User-Agent as a definitive identifier of the client application though, since it is so easily spoofed. It doesn't sound like you're doing that but I thought I'd mention it.

like image 188
Brian Kelly Avatar answered Nov 07 '22 03:11

Brian Kelly
Sign in to Comment

Related questions

Can anyone recommend a REST / SOAP Web Service for VIN Numbers? [closed]
Should an API service send the user activation email or the client application?
How to run jersey-server webservice server without using tomcat
HTTP status code for PUT
Rails respond_with -- why does POST return a URL instead of the data?
Restangular POST form data in json format in Angular JS
POST contents of a form to rest api
Angular relative paths in HTTP requests
Are there javadoc-like tools to generate RESTful web service apidoc from JAX-RS annotations? [closed]
Restful Client from WADL
Swagger Codegen CLI Java Client - How to use it right
How to POST Model with Many to Many through in Django REST
Symfony2 And Single Webpage Applications using a framework like AngularJS
Simple URL routes in WCF Rest 4.0 without trailing slash
Spring Data REST in plain JSON (not HAL format)
RESTful API design - best practices for passing dates
Django, REST and Angular Routes
how to POST contents of JSON file to RESTFUL API with Python using requests module
A RESTful approach to data synchronization
REST url for create and edit forms

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!