Browser signatures/fingerprint in request headers


Are there plans for Cloudflare to provide a browser signature in the request headers?


I don’t think so, but can you clarify what your objective is? We might have other solutions.


Hi Ryan

Basically browser fingerprinting that could be used for fraud detection - we already do a few checks when people register - stopforumspam, IP address, geolocation but fingerprinting would give us an edge.


Are you looking for something other than user-agent?


Yes… Something like this or but that could come in request headers.

For example test page for the first code and my own test page

I also would like to see a request header with Cloudflare’s assessment of a browser (as in Bad, BOT, Clear) or similar.

Those two things would help a lot in terms of security/safety…


It’s a balancing act. We want to be as transparent as possible, but also don’t want to give bad actors any help figuring out how our systems work.

What I can confirm is that we are looking into providing additional scoring specifically geared toward bots. Just can’t give any specifics. But I’ve passed along your feedback.