Spoofing JavaScript User Agent Navigator

Most programming languages offer access to make custom HTTP User Agent value. We often did this to fool server side page (PHP, ASP, JSP, etc). But spoofing only HTTP request header is not working on JavaScript since navigator.userAgent don’t read your HTTP request. JavaScript rely on their own runtime to recognize browser HTTP User Agent. Thanks God JavaScript it self is able to change/rewrite navigator.userAgent value, here’s the code     Change navigator.userAgent on Firefox and Opera via defineGetter

<script type="text/javascript">
	navigator.__defineGetter__('userAgent', function(){
		return( "iPhone 5" );

	alert( navigator.userAgent ); //iPhone 5

Change navigator.userAgent on IE and Opera via object instance

<script type="text/javascript">
	var navigator = new Object; 
	navigator.userAgent = 'iPhone 5';

	alert( navigator.userAgent ); //iPhone5

Good thing is, if you work on IE webbrowser control, you can double spoof both HTTP request and JavaScript navigator.userAgent via execScript

WebBrowser1.Navigate "http://example.com", , , , "User-Agent: iPhone 5" & vbCrLf

WebBrowser1.Document.parentWindow.execScript ("var navigator=new Object;navigator.userAgent='iPhone 5';")
WebBrowser1.Document.parentWindow.execScript ("alert(navigator.userAgent);") 'iPhone 5

5 Responses to Spoofing JavaScript User Agent Navigator

  1. David says:

    Does not seem to work for IE 11.

  2. Johne771 says:

    I value the post.Thanks Again. Awesome. gbdceekekeae

  3. David says:

    The Firefox/Opera solution works for IE 11.

  4. Scott says:

    Both way do not work for IE10 WebBrowser on Windows Phone 8.1.

  5. jifrocket says:

    seems like navigator userAgent property can be overwritten, but server still retrieves the original userAgent

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: