: The Sec-CH-UA-Platform header is considered "low entropy," meaning it shares basic info (like "Windows" or "Android") that isn't enough to uniquely identify a specific person.
: These hints are generally only sent over secure HTTPS connections to prevent data interception. sec,ch,ua,platform:,""windows""
Historically, browsers sent a single, long "User-Agent" string containing every detail about the device. This made it easy for websites to "fingerprint" users and track them across the web. : The Sec-CH-UA-Platform header is considered "low entropy,"
: Because it's low entropy, browsers like Chrome and Edge send it by default with almost every request without the server needing to ask. 💻 How it works in practice This made it easy for websites to "fingerprint"
: This header only tells the server it's "Windows." If a site needs to know if you are on Windows 11 specifically, it must request a separate "High Entropy" header called Sec-CH-UA-Platform-Version . 🛠️ Developer Use Cases Web developers use this header to: Sec-CH-UA-Platform header - HTTP - MDN Web Docs
When you visit a site on a PC, your browser sends: Sec-CH-UA-Platform: "Windows" Key characteristics: