Switch widget UA detection to whitelist (#244)

RafaelPo · claude · web-flow · commit 5cd87381fd73 · 2026-02-27T11:03:11.000Z
* Switch widget detection from blocklist to whitelist

Now that we've confirmed Claude.ai and Claude Desktop both send
"Claude-User", whitelist that UA instead of blocking known non-widget
clients. Unknown UAs default to text-only. Also broaden internal client
detection to match "everyrow" instead of "everyrow-cc".

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;

* Fix UA comment: internal client sends everyrow not everyrow-cc

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;

* Fix stale docstring and add UA detection tests

Update client_supports_widgets docstring to reflect whitelist behavior
(unknown UAs now default to no widget, not widget). Add parameterized
tests for _widgets_from_user_agent and is_internal_client.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;

---------

Co-authored-by: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/everyrow-mcp/src/everyrow_mcp/tool_helpers.py b/everyrow-mcp/src/everyrow_mcp/tool_helpers.py
@@ -114,16 +114,15 @@ def client_supports_widgets(ctx: EveryRowContext) -> bool:
        widget-capable client names so they get widgets today.
        This fallback should be removed once clients adopt the capability.
 
-    3. **User-Agent fallback** (stateless HTTP mode):
+    3. **User-Agent whitelist** (stateless HTTP mode):
        When ``client_params`` is ``None`` (stateless HTTP — no MCP initialize
-       handshake), we check the HTTP User-Agent header.  Clients known to
-       NOT support widgets (e.g. Claude Code) are excluded.  If the
-       User-Agent is unknown, we default to **showing widgets** because
-       HTTP mode traffic is overwhelmingly from Claude.ai/Desktop.
-
-    Unknown clients default to **no widget** in stateful mode (tier 2),
-    but to **widget** in stateless HTTP mode (tier 3) where the population
-    is predominantly Claude.ai/Desktop.
+       handshake), we check the HTTP User-Agent header against a whitelist
+       of known widget-capable UAs (currently ``"Claude-User"``).  If the
+       User-Agent is unknown, we default to **no widget** to avoid wasting
+       context tokens on clients that can't render them.
+
+    Unknown clients default to **no widget** in both stateful (tier 2) and
+    stateless (tier 3) modes.
     """
     try:
         cp = ctx.session.client_params
@@ -161,36 +160,36 @@ def _widgets_from_user_agent() -> bool:
 
     Called when client_params is None (stateless HTTP mode).
 
-    Strategy: block known non-widget clients, allow everything else.
-    HTTP mode traffic is predominantly Claude.ai/Desktop which supports
-    widgets, so defaulting to True minimises false negatives.
-
-    The blocklist below will be populated once we observe actual
-    User-Agent strings from Claude Code's HTTP client in production logs.
+    Strategy: whitelist known widget-capable clients, deny everything else.
+    Only clients we have confirmed can render widgets get them; unknown UAs
+    default to text-only to avoid wasting context tokens on unsupported UIs.
     """
     from everyrow_mcp.http_config import get_user_agent  # noqa: PLC0415
 
     ua = get_user_agent().lower()
 
-    # Known non-widget User-Agent substrings.
-    # Observed values (Feb 2026):
-    #   Claude Code: "claude-code/2.1.59 (cli)"
-    #   MCP SDK:     "python-httpx/0.28.1"  (test client)
-    #   OAuth flow:  "Bun/1.3.10"  (Claude Code's OAuth helper)
-    _NO_WIDGET_UA_SUBSTRINGS = {"claude-code", "everyrow-cc"}
-
-    if any(pattern in ua for pattern in _NO_WIDGET_UA_SUBSTRINGS):
-        return False
+    # Whitelist of UA substrings for clients that support widgets.
+    #
+    # Observed User-Agent values (Feb 2026):
+    #   Claude.ai:       "Claude-User"          — supports widgets
+    #   Claude Desktop:  "Claude-User"          — supports widgets
+    #   Claude Code CLI: "claude-code/2.1.62 (cli)" — text-only
+    #   everyrow:        "everyrow/1.0"         — text-only (internal)
+    #   MCP SDK (test):  "python-httpx/0.28.1"  — text-only
+    #   OAuth helper:    "Bun/1.3.10"           — not a tool caller
+    #
+    # Claude.ai and Claude Desktop both send "Claude-User". If Anthropic
+    # changes this, we'll need to update the whitelist.
+    _WIDGET_UA_SUBSTRINGS = {"claude-user"}
 
-    # Unknown UA in HTTP mode → assume widget-capable (Claude.ai/Desktop).
-    return True
+    return any(pattern in ua for pattern in _WIDGET_UA_SUBSTRINGS)
 
 
 def is_internal_client() -> bool:
-    """Return True if the request comes from EveryRow's own app (CC)."""
+    """Return True if the request comes from everyrow's own app."""
     from everyrow_mcp.http_config import get_user_agent  # noqa: PLC0415
 
-    return "everyrow-cc" in get_user_agent().lower()
+    return "everyrow" in get_user_agent().lower()
 
 
 def _submission_text(
diff --git a/everyrow-mcp/tests/test_ua_detection.py b/everyrow-mcp/tests/test_ua_detection.py
@@ -0,0 +1,72 @@
+"""Tests for User-Agent-based client detection."""
+
+from unittest.mock import patch
+
+import pytest
+
+from everyrow_mcp.tool_helpers import _widgets_from_user_agent, is_internal_client
+
+_UA_PATCH = "everyrow_mcp.http_config.get_user_agent"
+
+
+class TestWidgetsFromUserAgent:
+    """Tests for _widgets_from_user_agent (tier 3 widget detection)."""
+
+    @pytest.mark.parametrize(
+        "ua",
+        [
+            "Claude-User",
+            "claude-user",
+            "Claude-User/1.0",
+            "something Claude-User something",
+        ],
+    )
+    def test_widget_capable_clients(self, ua: str) -> None:
+        with patch(_UA_PATCH, return_value=ua):
+            assert _widgets_from_user_agent() is True
+
+    @pytest.mark.parametrize(
+        "ua",
+        [
+            "claude-code/2.1.62 (cli)",
+            "everyrow-cc/1.0",
+            "everyrow/1.0",
+            "python-httpx/0.28.1",
+            "Bun/1.3.10",
+            "curl/8.0",
+            "",
+        ],
+    )
+    def test_non_widget_clients(self, ua: str) -> None:
+        with patch(_UA_PATCH, return_value=ua):
+            assert _widgets_from_user_agent() is False
+
+
+class TestIsInternalClient:
+    """Tests for is_internal_client."""
+
+    @pytest.mark.parametrize(
+        "ua",
+        [
+            "everyrow/1.0",
+            "everyrow-cc/1.0",
+            "Everyrow-CC/2.0",
+            "something-everyrow-something",
+        ],
+    )
+    def test_internal_clients(self, ua: str) -> None:
+        with patch(_UA_PATCH, return_value=ua):
+            assert is_internal_client() is True
+
+    @pytest.mark.parametrize(
+        "ua",
+        [
+            "Claude-User",
+            "claude-code/2.1.62 (cli)",
+            "python-httpx/0.28.1",
+            "",
+        ],
+    )
+    def test_non_internal_clients(self, ua: str) -> None:
+        with patch(_UA_PATCH, return_value=ua):
+            assert is_internal_client() is False
