0

On a production site I have a background-attachment: fixed image applied to the body, and I'm using a gradient fallback for browsers that don't support this style rule, and a solid background fallback if that same browser doesn't support gradients. The problem is, it doesn't work reliably.

I've tried detecting background-attachment: fixed support using document.body.style as well as @supports, but it's not consistent and I get quite a few false positives on iOS and Android devices. I've read the other SO posts and they all seem to suggest workarounds that have huge negative aspects, but at the same time, I realize there's a tradeoff here.

I've also read quite often that you shouldn't be detecting user agents because they can be spoofed. If I was detecting the user agent and only applied the gradient fallback to mobile browsers, is there really a downside to someone spoofing their agent as a mobile browser? If that happens, they'd just be presented with a gradient background instead. Do I need to worry about someone attempting to spoof their mobile browser's user agent as a desktop browser agent, or am I missing something larger here? I can't say I really want to do this, because it partially kills me inside, but I figured I'd ask.

I just thought of the above last night, but I'm really just looking for someone who's applied some kind of similar fallback on a production level site that doesn't significantly downgrade the user experience.

mumush
  • 650
  • 6
  • 14
  • People will often not know that their browser is spoofing another browser or another device, many cheap and nieche browsers will spoof other browsers but will not use the same rendering code so they will call themselves Gecko but will render not as a Gecko browser engine would. But overall I'd *expect* that it's far more likely for mobile browsers to spoof desktop browsers than vice versa. – Martin Apr 27 '15 at 15:06
  • In this case, would you consider someone spoofing their browser as a legitimate user? My personal experience has been that the spoofs are usually some bot or scraper I would rather not have at my website anyways. – pathfinder Apr 27 '15 at 15:07
  • @pathfinder yes, robots and scrapers will be using "spoof" details as well, I've only occasionally seen these sort of spiders/ crawlers/spammers /robots/scrapers give their genuine details -- something like 1 in 1,400 monthly visitors to a website, but overall it's hard to tell if it's the browser or the human who is setting the spoof, that's my summary point. – Martin Apr 27 '15 at 17:37
  • Any ideas on how to best deal with this? – mumush Apr 28 '15 at 15:57

0 Answers0