4

I mean, some apps will send http requests to certain servers, like some games or facebook. So is there a way to identify which app is sending it by looking at the http header?

Jasper
  • 2,166
  • 4
  • 30
  • 50
Ning
  • 399
  • 4
  • 14
  • You need to read the network traffic, not the http headers. It is definitely possible, although I don't know how to on android. "OS Monitor" app does it. – tacone Mar 31 '11 at 21:14
  • oh wait, your question is unclear. who should do the detection ? the remote server or an app installed on the phone ? – tacone Mar 31 '11 at 21:15

4 Answers4

3

So is there a way to identify which app is sending it?

Generally, no. Some apps might modify the user agent, but most probably leave it alone.

CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491
1

You might be able to identify the default headers, but since they can be altered by whatever program the client is running, there's no guarantees.

For what it's worth, here is the user-agent header my Android handset sends:

Moxilla/5.0 (Linux; U; Android 2.2; en-us; T-Mobile G2 Build/FRF91) AppleWebKit/533.1(KHTML, like Gecko) Version/4.0 Mobile Safari/533.1
willm1
  • 116
  • 2
1

Almost all requests will have some form of identification in them. Often the server API requires this identification.

However, there is no general rule for how the clients identify themselves. As a human looking through the request logs, you will often be able to tell what app they are coming from; however, I doubt there is a standardized or automated way to do this.

Matthew
  • 44,826
  • 10
  • 98
  • 87
0

Yes. Android WebView currently appends a non-removable header for identification:

X-Requested-With: com.example.myapp

There have been attempts to disable it. None have succeeded so far. Even privacy focused apps such as DuckDuckGo just "live with this handicap" for the time being.

AlanSTACK
  • 5,525
  • 3
  • 40
  • 99