As an avid VPN user it’s infuriating that multilingual websites insist on using the client’s IP address to determine their language and country when web browsers have been sending the Accept-Language HTTP header since the mid-90s.
I understand that you can work out more or less where someone is located based on their IP address but it was never meant to be a geo-based marker. Why not go the simple route and use the header?
Accept-Languageis usually used for localizations. The 2 main ways that are used to gather location information are the location permissions and IP’s.The reason IPs are used primarily is they don’t need user consent since it’s being sent to the server. It allows an easy way to determine a close enough location for search results since it can get down to a metroplex or city.
Is user consent needed for the
Accept-Languageheader? That would be kind of insane. I realize that it could be considered identifiable but that still feels strange to me.I’m thinking mostly of localization, primarily language.
Localizations are used to convert between different languages. Just having a country code inside a header doesn’t give enough context where you are. For example states/provinces and their respective cities. Most of that is easily collected from the GeoIP information to give you local results for your area.
Edit: here’s an example of one of the bigger GeoIP APIs that provides the data so you can see the example for your own IP
https://ipgeolocation.io/what-is-my-ip/