Are there plans for Cloudflare to provide a browser signature in the request headers?
I don’t think so, but can you clarify what your objective is? We might have other solutions.
Basically browser fingerprinting that could be used for fraud detection - we already do a few checks when people register - stopforumspam, IP address, geolocation but fingerprinting would give us an edge.
Are you looking for something other than user-agent?
For example test page for the first code https://mattbrailsford.github.io/imprintjs/default.html and my own test page https://www.geekzone.co.nz/testbrowser.asp
I also would like to see a request header with Cloudflare’s assessment of a browser (as in Bad, BOT, Clear) or similar.
Those two things would help a lot in terms of security/safety…
It’s a balancing act. We want to be as transparent as possible, but also don’t want to give bad actors any help figuring out how our systems work.
What I can confirm is that we are looking into providing additional scoring specifically geared toward bots. Just can’t give any specifics. But I’ve passed along your feedback.