What can cause chrome to send user-agent with random suffix? - google-chrome

I have a user with the following user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36/Z7F3WKeKMrnlzpp
This suffix Z7F3WKeKMrnlzpp is different (seemingly random) for every request. The only unusual extension that he has is "360 internet protection", but this is not supposed to cause such behavior.
Thanks

Related

Too many open files SMB / NextCloud

I am using an app called ‘Duplicate Finder’ in NextCloud to scan if i have duplicate images.
When i try to run the program, i get the following error in my apache2 error log:
[Thu Aug 06 14:45:08.221982 2020] [proxy_fcgi:error] [pid 10545:tid 140179276822272]
[client 192.168.2.254:49802] AH01071: Got error 'PHP message: {"reqId":"cI05UvQK2IMSj7vhgbsr","level":3,"time":"2020-08-06T12:45:08+00:00","remoteAddr":"192.168.2.254","user":"root","app":"PHP","method":"GET","url":"/index.php/apps/duplicatefinder/files","message":"proc_open(): unable to dup File-Handle for descriptor 3 - Too many open files at
/var/www/nextcloud/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php#76","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36","version":"19.0.1.1"}PHP message: {"reqId":"cI05UvQK2IMSj7vhgbsr","level":3,"time":"2020-086T12:45:08+00:00","remoteAddr":"192.168.2.254","user":"root","app":"PHP","method":"GET","url":"/index.php/apps/duplicatefinder/files","message":"include(/var/www/nextcloud/apps/files_external/3rdparty/icewind/smb/src/Exception/ConnectionException.php): failed to open stream: Too many open files at
/var/www/nextcloud/lib/composer/composer/ClassLoader.php#444","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36","version":"19.0.1.1"}PHP message: {"reqId":"cI05UvQK2IMSj7vhgbsr","level":3,"time":"2020-08-06T12:45:08+00:00","remoteAddr":"192.168.2.254","user":"root","app":"PHP","method":"GET","url":"/index.php/apps/duplicatefinder/files","message":"include(): Failed opening '/var/www/nextcloud/apps/files_external/3rdparty/composer/../icewind/smb/src/Exception/ConnectionException.php' for inclusion (include_path='/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Crypt_Blowfish:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Date:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Exception:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Idna:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Imap_Client:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_ListHeaders:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Mail:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_Mime:/var/www/nextcloud/apps/mail/vendor/pear-pear.horde.org/Horde_N...PHP message: {"reqId":"cI05UvQK2IMSj7vhgbsr","level":3,"time":"2020-08-
06T12:45:08+00:00","remoteAddr":"192.168.2.254","user":"root","app":"PHP","method":"GET","url":"/index.php/apps/duplicatefinder/files","message":"Trying to access array offset on value of type null at
/var/www/nextcloud/apps/files_external/3rdparty/icewind/smb/src/Wrapped/RawConnection.php#139","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36","version":"19.0.1.1"}PHP message: {"reqId":"cI05UvQK2IMSj7vhgbsr","level":3,"time":"2020-08-06T12:45:08+00:00","remoteAddr":"192.168.2.254","user":"root","app":"PHP","method":"GET","url":"/index.php/apps/duplicatefinder/files","message":"get_resource_type() expects parameter 1 to be resource, null given at
/var/www/nextcloud/apps/files_external/3rdparty/icewind/smb/src/Wrapped/Connection.php#120","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36","version":"19.0.1.1"}'
Could some one help me with this?
Thanks in advance!
I figured out an workaround and used SFTP for external storage on NextCloud in stead of SMB. Now it works!

Different server output in Firefox vs Chrome, why?

Running IIS 10 on Server 2019, fully patched. I have the following .aspx webpage code:
For Each var As String In Request.ServerVariables
Response.Write(var &" "& Request(var))
Next
Why does Firefox purposefully (apparently) ignore the HTTP_SEC_FETCH_ server headers while Chrome happily displays them?
Firefox 69.0.1 output:
...
HTTP_USER_AGENT Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:69.0) Gecko/20100101 Firefox/69.0
HTTP_UPGRADE_INSECURE_REQUESTS 1
Chrome 77.0.3865.90 output:
...
HTTP_USER_AGENT Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36
HTTP_UPGRADE_INSECURE_REQUESTS 1
HTTP_SEC_FETCH_MODE navigate
HTTP_SEC_FETCH_USER ?1
HTTP_SEC_FETCH_SITE none
This is server output so why does Firefox ignore that data? Or am I not understanding how server variables work? The output above is at the very end of the list.
It turns out that Chrome is (once again) ahead of Firefox in following RFC and various miscellaneous stuff. In this case it is a thing called "Fetch Metadata Request Headers" per https://www.w3.org/TR/fetch-metadata/ and is inserted into the fetch request by the browser. Now I know. (And knowing is half the battle!)

offsetwidth for Chrome returns different values

code to get
inner.offsetWidth
the result for me is 2, but some people got 1. Even when we have the same Chrome version. In IE, it returns 1.
btw, my result is
offsetWidth: 2
version: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36
Any help is appreciated.

Detect Google Chrome Aura with JavaScript, possible?

navigator.userAgent
does not report it:
"Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1613.1 Safari/537.36"
I only see it (Aura) literally in chrome://version/strings.js, which gets reported in chrome://version/

What is causing these /cache/xxx entries in our logs?

We have a valid url with the path '/some/url', but we are experiencing errors in our logs caused by the fact that something is attempting to access: '/some/url/cache/526402928a7041a5c61ae7da95c679c3' (an invalid url).
The '/some/url' part varies but the client rather consistently tries to get './cache/xxx'.
Does anyone know why the client is attempting to retrieve this url - which component/plugin is causing this?
The user agent is:
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11
or
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11
Found the cause at:
http://code.google.com/p/chromium/issues/detail?id=132059
Likely caused by a malfunctioning extension: "Browser Companion Helper" part of "Ginyas Browser Companion