While digging around in webserver logs I noticed that Chrome 134 seems to have added new headers:<p><pre><code> "x-browser-channel": "stable",
"x-browser-copyright": "Copyright 2025 Google LLC. All rights reserved.",
"x-browser-validation": "wTKGXmLo+sPWz1JKKbFzUyHly1Q=",
"x-browser-year": "2025"
</code></pre>
The x-browser-validation value has been the same for all users I've observed. Does anybody have any idea what the validation header is doing? Haven't found any info online nor with a (rather sloppy) search on the chromium source code. I find this combination of headers rather weird - why should a browser tell each web server who has the copyright on it and what update channel you're on?
the x-browser-validation string value being identical for all users tends to suggest it's value is low to none. It feels like a misunderstanding of need and outcome. If its a super-encoded version string, well and good. It might be constructed over a shared secret and encode bitflags to capability or something but it looks like junk science or a misnamed field.<p>The copyright thing, there are different opinions about the need to assert (C) and it's existence. If you were about to go into lawfare with e.g. Brave, then evidence of assertion would probably help when you came close to the steps of the court.<p>it's not even immediately clear what they assert copyright over. The body of text sent as the HTTP header? Are they claiming intellectual property rights in the SPECIFIC set of type:values, or the value part only, or the type part only?