Detecting Client Library Using HTTP Headers

A blog I discussed about using HTTP header ordering as a means to detect spoofing of user agents based on the actual application or library and how the API gets called for the HTTP library. https://drive.google.com/file/d/1iX-ZMhtkBJrl_PR1-b33044diA_MTXwG/view?usp=sharing It is research I performed many years before working for Perched but ended up being posted at Perched, and ultimately taken down after Elastic acquired it - somebody saved a PDF of the site before it was gone so here it is. No shout out to Elastic nor that previous company. I just want to link to my original work despite that company always saying the work I posted would exist.