Remove QtWebEngine/... from default UA

Good old https://webaim.org/blog/user-agent-string-history/ strikes yet again. Let's just masquerade as Chromium instead of the constant pointless fight.
2025-04-08 20:28:15 +02:00 · 2025-04-08 20:28:15 +02:00 · b16551548f
parent 961a9390da
commit b16551548f
6 changed files with 21 additions and 54 deletions
--- a/doc/changelog.asciidoc
+++ b/doc/changelog.asciidoc
@ -25,6 +25,12 @@ Changed
 - The `content.headers.user_agent` setting now has a new
  `{upstream_browser_version_short}` template field, which is the
  upstream/Chromium version but shortened to only major version.
+- The default user agent now uses the shortened Chromium version and doesn't
+  expose the `QtWebEngine/...` part anymore, thus making it equal to the
+  corresponding Chromium user agent. This increases compatibilty due to various
+  overzealous "security" products used by a variety of websites that block
+  QtWebEngine, presumably as a bot (known issues existed with Whatsapp Web, UPS,
+  Digitec Galaxus).
 - Changed features in userscripts:
    * `qute-bitwarden` now passes your password to the subprocess in an
      environment variable when unlocking your vault, instead of as a command
@ -38,7 +44,10 @@ Changed
 Removed
 ~~~~~~~

- The `ua-slack` site-specific quirk, as things seem to work better nowadays without a quirk needed.
+- The `ua-slack` site-specific quirk, as things seem to work better nowadays
+  without a quirk needed.
+- The `ua-whatsapp` site-specific quirk, as it's unneeded with the default UA
+  change described above.

 Fixed
 ~~~~~
@ -50,13 +59,9 @@ Fixed
  error is shown instead).
 - Crashes when running `:tab-move` or `:yank title` at startup, before a tab is
  available.
- The default user agent now only contains the shortened Chromium version
-  number, which fixes overzealous blocking on ScienceDirect.
- New site-specific quirk to fix existing accounts showing as non-existent on
-  Digitec/Galaxus.
 - Workaround for microphone/camera permissions not being requested with
  QtWebEngine 6.9.0 on Google Meet, Zoom, or other pages using the new
-  `<permission>` element.
+  `<permission>` element. (#8539)
 - Resolved issues in userscripts:
    * `qute-bitwarden` will now prompt a re-login if its cached session has
      been invalidated since last used. (#8456)
--- a/doc/help/settings.asciidoc
+++ b/doc/help/settings.asciidoc
@ -2279,19 +2279,18 @@ The following placeholders are defined:
  version, but only with its major version.
 * `{qutebrowser_version}`: The currently running qutebrowser version.

-The default value is equal to the unchanged user agent of
-QtWebKit/QtWebEngine.
+The default value is equal to the default user agent of
+QtWebKit/QtWebEngine, but with the `QtWebEngine/...` part removed for
+increased compatibility.

-Note that the value read from JavaScript is always the global value. With
-QtWebEngine between 5.12 and 5.14 (inclusive), changing the value exposed
-to JavaScript requires a restart.
+Note that the value read from JavaScript is always the global value.


 This setting supports link:configuring{outfilesuffix}#patterns[URL patterns].

 Type: <<types,FormatString>>

-Default: +pass:[Mozilla/5.0 ({os_info}) AppleWebKit/{webkit_version} (KHTML, like Gecko) {qt_key}/{qt_version} {upstream_browser_key}/{upstream_browser_version_short} Safari/{webkit_version}]+
+Default: +pass:[Mozilla/5.0 ({os_info}) AppleWebKit/{webkit_version} (KHTML, like Gecko) {upstream_browser_key}/{upstream_browser_version_short} Safari/{webkit_version}]+

 [[content.hyperlink_auditing]]
 === content.hyperlink_auditing
@ -2769,10 +2768,8 @@ Type: <<types,FlagList>>

 Valid values:

- * +ua-whatsapp+
 * +ua-google+
 * +ua-googledocs+
- * +ua-digitecgalaxus+
 * +js-whatsapp-web+
 * +js-discord+
 * +js-string-replaceall+
--- a/qutebrowser/browser/webengine/webenginesettings.py
+++ b/qutebrowser/browser/webengine/webenginesettings.py
@ -495,10 +495,6 @@ def _init_site_specific_quirks():
    #               "{qt_key}/{qt_version} "
    #               "{upstream_browser_key}/{upstream_browser_version_short} "
    #               "Safari/{webkit_version}")
-    no_qtwe_ua = ("Mozilla/5.0 ({os_info}) "
-                  "AppleWebKit/{webkit_version} (KHTML, like Gecko) "
-                  "{upstream_browser_key}/{upstream_browser_version_short} "
-                  "Safari/{webkit_version}")
    firefox_ua = "Mozilla/5.0 ({os_info}; rv:136.0) Gecko/20100101 Firefox/136.0"

    def maybe_newer_chrome_ua(at_least_version):
@ -517,12 +513,6 @@ def _init_site_specific_quirks():
    utils.unused(maybe_newer_chrome_ua)

    user_agents = [
-        # Needed to avoid a ""WhatsApp works with Google Chrome 36+" error
-        # page which doesn't allow to use WhatsApp Web at all. Also see the
-        # additional JS quirk: qutebrowser/javascript/quirks/whatsapp_web.user.js
-        # https://github.com/qutebrowser/qutebrowser/issues/4445
-        ("ua-whatsapp", "https://web.whatsapp.com/", no_qtwe_ua),
-
        # Needed to avoid a "you're using a browser [...] that doesn't allow us
        # to keep your account secure" error.
        # https://github.com/qutebrowser/qutebrowser/issues/5182
--- a/qutebrowser/browser/webengine/webenginetab.py
+++ b/qutebrowser/browser/webengine/webenginetab.py
@ -1201,11 +1201,6 @@ class _WebEngineScripts(QObject):
                # will be an UA quirk once we set the JS UA as well
                name='ua-googledocs',
            ),
-            _Quirk(
-                'digitecgalaxus',
-                # will be an UA quirk once we set the JS UA as well
-                name='ua-digitecgalaxus',
-            ),

            _Quirk(
                'string_replaceall',
--- a/qutebrowser/config/configdata.yml
+++ b/qutebrowser/config/configdata.yml
@ -656,10 +656,8 @@ content.site_specific_quirks.skip:
  type:
    name: FlagList
    valid_values:
-      - ua-whatsapp
      - ua-google
      - ua-googledocs
-      - ua-digitecgalaxus
      - js-whatsapp-web
      - js-discord
      - js-string-replaceall
@ -752,7 +750,7 @@ content.headers.referer:
 content.headers.user_agent:
  default: 'Mozilla/5.0 ({os_info})
      AppleWebKit/{webkit_version} (KHTML, like Gecko)
-      {qt_key}/{qt_version} {upstream_browser_key}/{upstream_browser_version_short}
+      {upstream_browser_key}/{upstream_browser_version_short}
      Safari/{webkit_version}'
  type:
    name: FormatString
@ -800,12 +798,11 @@ content.headers.user_agent:
      version, but only with its major version.
    * `{qutebrowser_version}`: The currently running qutebrowser version.

-    The default value is equal to the unchanged user agent of
-    QtWebKit/QtWebEngine.
+    The default value is equal to the default user agent of
+    QtWebKit/QtWebEngine, but with the `QtWebEngine/...` part removed for
+    increased compatibility.

-    Note that the value read from JavaScript is always the global value. With
-    QtWebEngine between 5.12 and 5.14 (inclusive), changing the value exposed
-    to JavaScript requires a restart.
+    Note that the value read from JavaScript is always the global value.

 content.host_blocking.enabled:
  renamed: content.blocking.enabled
--- a/qutebrowser/javascript/quirks/digitecgalaxus.user.js
+++ b/qutebrowser/javascript/quirks/digitecgalaxus.user.js
@ -1,17 +0,0 @@
-// ==UserScript==
-// @include https://id.digitecgalaxus.ch/*
-// @include https://id.galaxus.eu/*
-// ==/UserScript==
-
-// Needed because their /api/v1/login/_actions/find-user endpoint claims
-// that the user does not exist (!?) with the default UA
-
-"use strict";
-
-const originalUserAgent = navigator.userAgent;
-
-Object.defineProperty(navigator, "userAgent", {
-    get() {
-        return originalUserAgent.replace(/QtWebEngine\/[\d.]+ /, "");
-    },
-});