Client Hints are a set of HTTP request headers that provide useful information to a server about the connecting client such as device type and network conditions. This then allow a server to optimize the content that is served back to the client.
Unlike the traditional "User Agent String", Client Hints provide a more efficient and privacy preserving way of retrieving the desired information.
Whilst the "User Agent String" is presented to servers automatically, a web server needs to proactively request the client hint headers they are interested in. The connecting client can then include the requested headers in subsequent requests.
MIDAS (v4.36+) utilizes one of these new Client Hint headers (namely, Sec-CH-UA-Platform-Version) in order to be able to determine the specific operating system version a client is connecting from.
This information is then used to provide users with automated notifications whenever a new or unfamiliar device logs in to their MIDAS account.
Our cloud-hosted client servers are already configured to transparently request the necessary Client Hint headers.
For self-hosted customers however, a small server configuration change will be necessary in order to take advantage of these improvements to device detection in MIDAS v3.46+.
Essentially, you'll need to configure your web server to send an "Accept-CH" (Accept Client Hints) HTTP header with every response. The value of this HTTP header should be "sec-ch-ua-platform-version,ua-platform-version".
Here's how to configure your webserver to send this custom Client Hint HTTP header:
How to configure Apache to send a custom Client Hint HTTP header
With the "mod_headers" Apache module enabled, you can add the following line either to the server's httpd.conf file, or to the .htaccess file for the location where your MIDAS system is installed:
Header set Accept-CH "sec-ch-ua-platform-version,ua-platform-version"
How to configure IIS to send a custom Client Hint HTTP header
Open Internet Information Services (IIS) Manager.
In the connections pane, expand the node for the server, and then expand Sites.
Select the web site where you want to add the custom HTTP response header.
In the web site pane, double-click HTTP Response Headers in the IIS section.
In the actions pane, select Add.
In the Name box, type the custom HTTP header name, "Accept-CH".
In the Value box, type the custom HTTP header value, "sec-ch-ua-platform-version,ua-platform-version".
