CodeSOD: A Sniff

In November of 2020, the last IE release happened, and on June 15th of this year, the desktop app officially lost support on Windows 10. But IE never truly dies.

Eleanor inherited a web application for a news service. And, you won't be shocked that it's still doing user-agent sniffing to identify the browser. That's just plain bad, but by the standards of user-agent sniffing, it's not terrible code.

function isIE() { var myNav = navigator.userAgent.toLowerCase(); return (myNav.indexOf('msie') != -1) ? parseInt(myNav.split('msie')[1]) : false; }

If it contains msie, split on that and assume the bit which follows is only the version number. Return the version number, or return false if it's not Internet Explorer.

Now, this method contains an annoying abuse of JavaScript that's common: sometimes this method returns a number, sometimes it returns false. Because of that, it needs to be called like this:

if (isIE() && isIE() <= 10) { alert("The browser you are using is too old and not supported anymore. Please get a newer one."); }

At first glance, you might think, couldn't I just do isIE() <= 10? Why use the initial && at all? And it's because of JavaScript's type coercion: false <= 10 is true.

Now, in fairness, false being roughly equivalent to zero is not an uncommon feature in languages, but the result here is just an annoying call that has to do the same string mangling twice because nobody thought through what the purpose of the function actually was. Then again, the whole function shouldn't be there, because it's 2022 and there's simply no excuse for this user-agent sniffing game.

[Advertisement] Keep the plebs out of prod. Restrict NuGet feed privileges with ProGet. Learn more.

This post originally appeared on The Daily WTF.

Leave a Reply

Your email address will not be published.