# User Agent Rules

Surge's rule system provides rules based on User-Agent for identification. Please note the following when using this rule:

1. This rule only applies to HTTP/HTTPS requests. If the HTTP header is extracted from a raw TCP request, the rule will not work, and the `force-http-engine` parameter needs to be configured. See [Official Guidance：Understanding Surge](https://manual.nssurge.com/book/understanding-surge/en/) for details.
2. For HTTPS requests, there are User-Agents for CONNECT requests sent to the HTTP proxy and the actual HTTP requests. The contents of the two may be the same or different. The former is usually generated by the system and cannot be adjusted by the app. When MITM is not enabled, matching only applies to the former. When MITM is enabled, it only applies to the latter.
3. In iOS 15 and later, the system no longer provides User-Agent in CONNECT requests for privacy protection. This means that for all HTTPS requests, when MITM is not enabled, User-Agent is invisible, and the rule does not work.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://kb.nssurge.com/surge-knowledge-base/technotes/user-agent.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.