A user agent is a computer program representing a person, for example, a browser in a Web context.
Besides a browser, a user agent could be a bot scraping webpages, a download manager, or another app accessing the Web. Along with each request they make to the server, browsers include a self-identifying User-Agent HTTP header called a user agent (UA) string. This string often identifies the browser, its version number, and its host operating system.
Spam bots, download managers, and some browsers often send a fake UA string to announce themselves as a different client. This is known as user agent spoofing.
A typical user agent string looks like this: "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:35.0) Gecko/20100101 Firefox/35.0".
A slug is a lowercase alphanumeric (ASCII) representation of a string, consisting only of numbers, letters and, in our case, underscores. It's up to apps that implement the list to display this information however they see fit, and using a slug is better for disambiguation.
For example, it's often difficult to know whether an Android app is running on a phone or a tablet. Multiple matches should ideally not happen for anything that has an app name; so parsing order shouldn't matter.
For devices and OS, you mat discover that multiple matches will give you more accurate data, but you should hopefully only see one app name. It automatically reads the browsers list configuration specified in your project, but you can also specify the same using the options' parameter.
The cause database does not currently store historical data for these browsers separately (except the last version) See #156. It is a good idea to update this package often so that browser definitions are unto date.
It is also a good idea to add unreleased versions to your browsers list query, and set ignoreMinor and ignorePatch to true so that alpha / beta / canary versions of browsers are matched. A new version of the package is automatically released every day, so the data is always up to date.
Web scraping often involves creating realistic traffic patterns, and doing so generally requires a good source of data. Unlike other random user agent generation libraries, the User -Agents package is updated automatically on a daily basis.
The data property includes a randomly generated browser fingerprint that can be used for more detailed emulation. By passing an object as a filter, each corresponding user agent property will be restricted based on its values.
If you replace mobile with either desktop or tablet, then the user agent will correspond to one of those device types instead. This example combines a regular expression filter with an object filter to generate an user agent with a connection type of Wi-Fi, a platform of Mac Intel, and an user agent that includes a Safari substring.
This example also shows that you can specify both multiple and nested properties on object filters. Each time the class is instantiated, it will randomly populate the instance with a new user agent based on the specified filters.
The following examples both generate two user agents based on the same filters. The reason to prefer the second pattern is that it reuses the filter processing and preparation of the data for random selection.
Subsequent random generations can easily be over 100x faster than the initial construction. It's likely that the structure of user agent data will change in the future, and this will correspond to a new major version.
You can continue to use older versions of the software, but you'll need to upgrade to get access to the latest data. Additional data sources will help make the library more useful, and we'll be happy to add a link to your site in the acknowledgments.
(Note that authorization sometimes influences the amount of detail included in the representation.) Requests that require authentication will return 404 Not Found, instead of 403 Forbidden, in some places.
This is to prevent the accidental leakage of private repositories to unauthorized users. Note: GitHub recommends sending OAuth tokens using the Authorization header.
Deprecation Notice: GitHub will discontinue authentication to the API using query parameters. Using query parameters to authenticate to the API will no longer work on May 5, 2021.
For more information, including scheduled brownouts, see the blog post. Using your client_id and client_secret does not authenticate as a user, it will only identify your OAuth application to increase your rate limit.
After detecting several requests with invalid credentials within a short period, the API will temporarily reject all authentication attempts for that user (including ones with valid credentials) with 403 Forbidden : In this example, the 'BMG' and 'red carpet' values are provided for the :owner and :repo parameters in the path while :state is passed in the query string.
For POST, PATCH, PUT, and DELETE requests, parameters not included in the URL should be encoded as JSON with a Content-Type of 'application/Jason': See the guide on Using Global Node IDs for detailed information about how to find node_id s via the REST API and use them in GraphQL operations.
There are three possible types of client errors on API calls that receive request bodies: Sending invalid JSON will result in a 400 Bad Request response.
Sending the wrong type of JSON values will result in a 400 Bad Request response. Sending invalid fields will result in a 422 Processable Entity response.
All error objects have resource and field properties so that your client can tell what the problem is. Redirect responses will have a Location header field which contains the URI of the resource to which the client should repeat the requests.
The URI you used to make the request has been superseded by the one specified in the Location header field. The request should be repeated verbatim to the URI specified in the Location header field but clients should continue to use the original URI for future requests. Other redirection status codes may be used in accordance with the HTTP 1.1 spec.
VerbDescription HEAD Can be issued against any resource to get just the HTTP header info. Doing so will make future upgrades of the API easier for developers.
Note that for technical reasons not all endpoints respect the per_page parameter, see events for example. Note: It's important to form calls with Link header values instead of constructing your own URLs.
Header NameDescription X-RateLimit-Limit The maximum number of requests you're permitted to make per hour. X-RateLimit-Remaining The number of requests remaining in the current rate limit window.
If your OAuth application needs to make unauthenticated calls with a higher rate limit, you can pass your app's client ID and secret before the endpoint route. Note: Never share your client secret with anyone or include it in client-side browser code.
If you exceed your rate limit using Basic Authentication or OAuth, you can likely fix the issue by caching API responses and using conditional requests. In order to provide quality service on GitHub, additional rate limits may apply to some actions when using the API.
For example, using the API to rapidly create content, poll aggressively instead of using web hooks, make multiple concurrent requests, or repeatedly request data that is computationally expensive may result in abuse rate limiting. Abuse rate limits are not intended to interfere with legitimate use of the API.
Note : Making a conditional request and receiving a 304 response does not count against your Rate Limit, so we encourage you to use it whenever possible. You can read the CORS W3C Recommendation, or this intro from the HTML 5 Security Guide.
You can send a ?callback parameter to any GET call to have the results wrapped in a JSON function. This is typically used when browsers want to embed GitHub content in web pages by getting around cross domain issues.
The response includes the same data output as the regular API, plus the relevant HTTP Header information. We apply the following rules, in order of priority, to determine timezone information for API calls.
This means that we generate a timestamp for the moment your API call is made in the timezone this header defines. For example, the Contents API generates a git commit for each addition or change and uses the current time as the timestamp.