WEB AUTHORS/WEBMASTERS: Do you want to reliably detect future versions of Internet Explorer Mobile on your Web site? Here’s some

http://blogs.msdn.com/iemobile/archive/2006/08/03/Detecting_IE_Mobile.aspx

I’ve published a lot of articles on the User-Agent strings of different Pocket PC Web browsers, including several versions of the built-in Internet Explorer (called “Pocket Internet Explorer” (PIE) in the pre-WM5 and “Internet Explorer Mobile” (IEM) starting with WM5.) (See for example this, this, this, this, this and most importantly this. Also, I’ve scrutinized the ability to change them in all my additional Web browser reviews.) Now, the IEMobile Team has just published an article on how they plan to communicate being a Microsoft Pocket PC/Smartphone-based IEM to the Web servers. The most important parts of the article (if you don’t want to read it all): “If you want to detect the current/older IE Mobile browsers, the way to do it is to look for "PPC" or "Smartphone", as well as "Windows CE" in that string. That's the only sure-fire way to be certain of what you're getting. In with the new: Moving forward, here's the new IE Mobile User-Agent string: Mozilla/4.0 (compatible; MSIE 6.0; Windows CE; IEMobile m.n), the article also elaborates on the already-known “<meta name="MobileOptimized" content="width">” META tag. Still missing: Removing of custom UA headers However, there is one question: that of completely suppressing of additional, custom UA headers. Users wanting to completely disguise/hide the fact that they use PIE/IEM to browse and not a desktop browser may (still) need a strictly Windows Mobile-based way of doing this (and not having to rely on a separate, custom proxy server). Why do you need this, you may ask. As I’ve already pointed out in several of my articles: to be completely anonymous - not even your identity should be hidden but also the fact what kind of device you use to access the Web. This may be important upon accessing sites from your PDA where absolute anonymity is required; for example, if you post stuff that you don't want to get you into trouble - when you post about your boss ;), for example. If the Web server records (let's assume it logs all the HTTP request headers, not only User-Agent. Logging only the latter is the default but some Web servers may record all of the that the particular client was a Pocket PC or a Smartphone. With a given resolution, CPU type, an exact version number etc - when all this data is given, the number of potential users become pretty limited, you will have a much bigger chance to be identified / caught. Yes, even if you use a traditional anonymizer proxy service (they just pass verbatim these custom UA headers through - as would any proxy server do). On-line compression services like Toonel, MobileLeap or Skweezer ditto - they don't remove these headers either. As of now, as the article has also pointed out, PIE/IEM sends out some additional, PIE/IEM-specific HTTP request headers starting with UA-. As it seems, in the future, they (still) can’t be suppressed unless you use a super-anonymizing external proxy server that just throws these request headers away before sending the request further to the Web server. The MS IEM team may want to consider “hiding” them for users that really want to hide from Web servers they are using handhelds in browsing the Net. A simple registry boolean value and an additional conditional (if {}) block would make all this possible.