IE 11 sends different User-Agent header to different subdomains

Question

Well, I\'ve been working on an User-Agent based shared-session protection between subdomains.

I was extremely surprised that it\'s been working well until IE 11 prev

Answer 1

Official Microsoft Documentation on MSDN:

• Compatibility changes in IE11
• User-agent string changes

Quotes:

For many legacy websites, some of the most visible updates for IE11 involve the user-agent string. Here's what's reported for IE11 on Windows 8.1:

Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Here's the string for IE11 on Windows 7:

Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko

In rare cases, it may be necessary to uniquely identify IE11. Use the Trident token to do so.

Isn't it nice, they say "like Gecko"? ;)

Answer 2

Microsoft has the site in question configured to use UA-spoofing (via the Compatibility View list) and that causes IE to send a custom UA string.

CompatView-based UA spoofing was enabled in IE8 in 2008: http://blogs.msdn.com/b/ie/archive/2008/08/27/introducing-compatibility-view.aspx

And in IE10+, it's gotten richer, with per-site spoofing to enable the best experience. See http://blogs.msdn.com/b/ieinternals/archive/2013/09/21/internet-explorer-11-user-agent-string-ua-string-sniffing-compatibility-with-gecko-webkit.aspx for an exploration of this topic.