Detect API End Point Sample Code in PHP

As discussed in the Integration Guide, you need to send all of your visitor's HTTP Headers to the Detect API. The most important modern addition to this is including all the Client Hints headers as well.

Requesting all Client Hints headers

Your visitor's Web Browsers won't send all their possible Client Hint HTTP headers to your site by default; it's necessary to specifically request that they send them to you. So for you to be able to use the Detect API properly, you have to request them from your visitors; you do this by including some HTTP Response Headers on your site. This will cause your visitor's browsers to send you their Client Hints as they make requests to your servers.

Try to do this "globally" across your site

It is ideal if you send these HTTP Response Headers with every response on your site. So if you can, try to add the code to send these Response Headers in a global or common place (perhaps some kind of Middleware or configuration file), as opposed to pasting these lines of code at the top of every PHP file on your site.

Basic PHP

For basic PHP scripts, requesting all Client Hints is as easy as adding the two lines:

header("accept-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Arch,Sec-Ch-Bitness,Sec-Ch-Ua-Model,Sec-Ch-Ua-Mobile,Device-Memory,Dpr,Viewport-Width,Downlink,Ect,Rtt,Save-Data,Sec-Ch-Prefers-Color-Scheme,Sec-Ch-Prefers-Reduced-Motion,Sec-Ch-Prefers-Contrast,Sec-Ch-Prefers-Reduced-Data,Sec-Ch-Forced-Colors"); header("critical-ch: Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Arch,Sec-Ch-Bitness,Sec-Ch-Ua-Model,Sec-Ch-Ua-Mobile,Device-Memory,Dpr,Viewport-Width,Downlink,Ect,Rtt,Save-Data,Sec-Ch-Prefers-Color-Scheme,Sec-Ch-Prefers-Reduced-Motion,Sec-Ch-Prefers-Contrast,Sec-Ch-Prefers-Reduced-Data,Sec-Ch-Forced-Colors");

in your code, anywhere before it starts "outputting to the client" (ie. starts echoing/printing an actual response). If you try to add these response headers after you have started outputting, you will get a warning: "Warning: Cannot modify header information - headers already sent by..." and it won't work.

Response Headers in Laravel

In Laravel 9.x, you can send HTTP Response headers like this:

return response($content) ->header('accept-ch', 'Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Arch,Sec-Ch-Bitness,Sec-Ch-Ua-Model,Sec-Ch-Ua-Mobile,Device-Memory,Dpr,Viewport-Width,Downlink,Ect,Rtt,Save-Data,Sec-Ch-Prefers-Color-Scheme,Sec-Ch-Prefers-Reduced-Motion,Sec-Ch-Prefers-Contrast,Sec-Ch-Prefers-Reduced-Data,Sec-Ch-Forced-Colors') ->header('critical-ch', 'Sec-Ch-Ua,Sec-Ch-Ua-Full-Version,Sec-Ch-Ua-Platform,Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Arch,Sec-Ch-Bitness,Sec-Ch-Ua-Model,Sec-Ch-Ua-Mobile,Device-Memory,Dpr,Viewport-Width,Downlink,Ect,Rtt,Save-Data,Sec-Ch-Prefers-Color-Scheme,Sec-Ch-Prefers-Reduced-Motion,Sec-Ch-Prefers-Contrast,Sec-Ch-Prefers-Reduced-Data,Sec-Ch-Forced-Colors');

But there is more than one way to do it. Read The Laravel Documentation for more information.

Now, your visitors should be sending all the necessary Client Hints headers to your site

You can test this by using the detection page for HTTP Headers. To test if the new reponse headers you just added are working, load that page with Chrome and make sure you see headers for SEC-CH-UA-FULL-VERSION, SEC-CH-UA, and so on.

If you don't see Chrome listing those headers, then you can use the Chrome Dev tools to inspect your site's response HTTP Headers and confirm that it is sending the accept-ch and critical-ch headers properly.

Gathering and sending all HTTP Headers from your visitors to the API

Now that you have requested all Client Hints headers from your visitors, any browsers which support Client Hints will start sending them to your server. When you take all the HTTP headers from your visitor's requests and send them to the Detect API, it will include their Client Hints headers.

To do that, you can use the PHP function getallheaders() and loop over all the headers your visitors have sent. As discussed, you need to send them in a JSON dict with the values name and value. You can do this like this:

$headers_list = []; foreach (getallheaders() as $name => $value) { array_push($headers_list, array("name" => $name, "value" => $value)); }

Now, you have all your visitor's HTTP headers stored properly in an array which can be converted to JSON to be sent to the API.

By using the powerful and popular cURL extension, it can be done like this:

# -- Add your API Key to the request headers $headers = [ 'X-API-KEY: '.$api_key, ]; # -- Create the JSON Structure to POST $post_data = array( "headers" => $headers_list, ); # -- Create a CURL handle containing your API Key and the data to send $ch = curl_init(); curl_setopt($ch,CURLOPT_URL, "https://api.whatismybrowser.com/api/v3/detect"); curl_setopt($ch,CURLOPT_POST, true); curl_setopt($ch,CURLOPT_POSTFIELDS, json_encode($post_data)); curl_setopt($ch,CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); # -- Make the request $result = curl_exec($ch); $curl_info = curl_getinfo($ch); curl_close($ch); # -- Decode the api response as json $result_json = json_decode($result); # -- Echo the Simple Software String echo $result_json->$detection->simple_software_string;

In the example given above, $result_json will contain the full response from the API, as described by the Detect End Point section of the Integration Guide.

A full working example

Here is a full, working PHP file that demonstrates sending the appropriate HTTP Response headers, gathering all your visitor's HTTP Request headers, sending them to the API and outputting parts of the Detection result.

Simply put your API Key into the $api_key variable, place the PHP file on a server that executes PHP, and load the file in your browser to see it in action.

Download a working sample file

detect.php