[Upgrade to Bubble Version 25] Giving all external API calls a default user agent if they don't already have one set

Hello everyone,

We just released a new Bubble version that gives all external API calls a User-Agent field. This field will let the receiver of the API call know that the call originated from Bubble. All API calls without a custom User-Agent field going forward will now have a “User-Agent”: “Bubble” field attached as a header.

The primary reason we’re making this change relates to partnerships. As we ramp up our partnernship efforts, partners being able to identify API calls coming from Bubble apps is a helpful datapoint for them and us. It helps partners get a sense for demand for a Bubble integration. This also helps us smooth out any unfortunate incidents around spam, as the partner can identify these requests originating from Bubble and give us a heads up. We of course wanted to do this in a way that would not break users apps, so decided to release this as a separate Bubble version for niche cases.

Some more FAQs for this change:

  • Which types of API calls does this affect? This affects all calls handled by Bubble servers, including API connector and plugin calls. This should exclude most fetch calls in server-side actions in plugins.
  • Will developers be able to overwrite the new User-Agent field? Yes, you’ll be able to overwrite this using the Headers section.
  • Will API calls with custom User-Agent fields change in behavior? No, these calls will function exactly the same as before.
  • Will I be able to remove the User-Agent object entirely? No, but you can set your User-Agent to an empty string as a header.

Please let us know if you have any questions, and happy Bubbling!

Hello!
Can you clarify on the “most” word? Which fetch calls would default to this?

Hey Vini, thanks for the follow-up. I can confirm that fetch calls in V3 and V4 of the plugin API will not be affected. From my understanding, no fetch calls from versions V0-V2 should default to this either, but I cannot give you a full confirmation.

Will developers be able to overwrite the new User-Agent field? Yes, you’ll be able to overwrite this using the Headers section.

Just wondering, if the User-Agent can be overwritten, how will this change help avoid the spam issue?

Will developers be able to overwrite the new User-Agent field? Yes, you’ll be able to overwrite this using the Headers section.

Truly malicious users can certainly overwrite this User-Agent, but we’re assuming most spammers will not find this necessary. Having a User-Agent included doesn’t hurt the spammer; it instead helps the recipient of the spam address the right source (i.e. alerting Bubble instead of blocking our IP address).