Why am I seeing 'SPF' in Google?

My Safari home page is set to ‘https://www.google.com.au’, yet what I see in the address bar is ‘https://www.google.com.au/#spf=xxxxxxxxxxxxx’ (the xxx’s being a 13 digit domain ID number?). As far as I understand the Google ‘Sender Policy Framework’ is Google’s ‘Gmail’ authentication protocol to help protect against forged emails (spoofing). That’s all very well, but I don’t use Gmail so why the hell am I seeing this???!!! I also use Google Chrome, for which the homepage is also set to ‘https://www.google.com.au’, and that’s exactly what appear’s in the address bar so what the hell is going on???!!! How do I get out of this stupid SPF mode and back to the regular Google?

SPF has nothing to do with Gmail, or more correctly, it is not specific to Gmail.

I recommend clearing your cache, and searching google where you will find this issue posted numerous times, where you will also find many responses.

https://support.google.com/chrome/thread/36702121?hl=en

Sorry, but clearing Safari’s cache/cookies makes no difference! Even resetting Safari makes no difference! I do either of these at the end of each night anyway. Any other ideas?

I read the post in the link you provided and the poster describes the issue perfectly - mainly that it causes Google search to revert to the old late 1990s version. Unfortunately the reply’s offer no solution at the user’s end, instead attributing it to a supposed Google update that will sort itself out in 5 minutes. Sorry, but it’s been several days now and it still persists no matter what! Besides if it were due to an update it would clearly affect Chrome, which it isn’t! I also assume every other Safari user is affected or is it only affecting a certain domain range? (e.g. SPF starting with 15974 in my case)

What device/OS are you on?
Are you logged in to Google by default in Safari?
Are you a g Suite user?

I am running Safari on my iPad with the same home page. No SPF is shown. I will have a look on my Mac

I’m currently using a mid 2012 Macbook Pro 13 inch 2.5GHz running OSX Mavericks 10.9.5 so using Safari Version 9.1.3. As I said ‘https://www.google.com.au’ is set as the Homepage under both Safari and Chrome (Version 65.0.3325.181). I have neither a Google or G Suite account.

Those Google account user posts I read relating to this issue were 5 months ago! yet this SPF issue only started affecting Safari for me just this week. As I said Chrome is strangely unaffected.

Even if I manually enter ‘www.google.com.au’ in Safari’s address bar and hit return, it instantly adds the ‘/#spf=15974xxxxxxxx’ to the end. There’s no way to prevent it!

I’ve found another lot of posts from August 2019 relating to ‘#spf’ being added to ‘www.google.com’. In this case affecting ‘Internet Explorer’ (IE): https://www.bleepingcomputer.com/forums/t/702637/internet-explorer-adds-spf-to-googlecom-url/

One reply says it could be due to a Javascript script being loaded by Google? Well if I disable Javascript in Safari it does indeed prevent the #spf from being added, but obviously that’s not a workable solution. Besides it doesn’t explain why this is only occurring now or why not all browsers are affected?

Obviously one could infer the issue is related to Google’s Gmail since ‘Sender Policy Framework’ (SPF) is “an email authentication method designed to detect forged sender addresses during the delivery of email” (Wikipedia), but as I’ve stated I don’t have, nor have I ever had, a Gmail account or a G Suite account!

snarl, any update? Is it happening in Safari on your Mac?

No sign of the problem on my Mac. However, I am running the latest Safari on Catalina, so it is not really relevant given you are running older versions of Safari and Mac OS.

Chrome’s behaviour is probably not relevant as Google can easily suppress display of anything it wants to in Chrome. I wonder whether an independent browser such as FireFox would display it?

Is Google your default search engine in Safari? You could try setting it to DuckDuckGo temporarily to remove another possible Google vector.

Do you have any Google apps loaded? Anyone of them could be hosting a Google identity.

Hi DarkAvenger.

Pretty sure It’s due to the version of Safari you are running on Mavericks.

The URL I get running the latest OS and Safari versions shows up as

https://www.google.com.au/?client=safari

If I switch the User Agent in the Developer menu to match your versions I get

https://www.google.com.au/?client=safari#spf=xxxxxxxxxxxxx

Don’t think it should really be anything to worry about.

1 Like

Actually it may very well be relevant since it’s completely possible for this issue to equally affect the current version of Safari (13.1.2 or newer) since it’s also affecting some IE 11 users and 11 is the very latest version of IE under the current Windows 10. So there may well be those using Safari in Mac OS Catalina that are affected too. You just don’t know about them! So using the very latest Mac OS is no guarantee of not being affected, which is why I/we need to know the cause so the issue can be fixed.

You say “Chrome’s behaviour is not relevant as Google can easily suppress display of anything it wants to in Chrome”

I think you’re not fully understanding? The issue is a great deal more than just ‘#spf=xxxxxxxxxxxxx’ being added to the end of ‘https://www.google.com.au’ in the URL! It’s actually replaced Google’s current search engine (which I still see in Chrome) with their really old search engine (think circa 1999?). I want the current version back thank you very much! I’ll post some screenshots later on that’ll show the issue.

Google is my default search engine. I did test change it to ‘https://www.duckduckgo.com’ and that’s exactly what I get. Same with ‘https://www.bing.com’ i.e. nothing else being added so I can assume they’re the current search engines for each.

No I don’t have any Google apps installed.

It’s NOT due to the version of Safari I’m running since it only started happening from 11 August 2020! Otherwise explain why prior to 11 August 2020 it didn’t happen!

In regard to the URL you get running the latest Safari version, is it actually putting the ‘?client=safari’ in the URL as it shouldn’t be doing that at all! If all is working properly the URL should only be ‘https://www.google.com.au’ with nothing else showing after the ‘.com.au’!

You say if you switch ‘User Agent’ in the ‘Develop’ menu to match my version of Safari you too get the ‘#spf=xxxxxxxxxxxxx’ added to the URL. Are you saying you’re somehow running both Safari 9.1.3 and 13.1.2? Is that even possible? 9.1.3 requires ‘Mavericks’ as far as I understand? You can’t run it under a newer Mac OS! Or do you mean you have two partitions on your drive - one with Mavericks and the other with Catalina as that’s the only way it could be done?

You say it shouldn’t be anything to worry about - well yes it is as I want to use the current version of ‘Google Search’, not the ancient circa 1999 version! Yes Chrome is unaffected, but I’d prefer to use Safari.

Just trying to help and still suggest it is your browser.
Google is not a static website, it interacts differently depending on your browser.
When you go to google.com.au on your Safari browser it declares the version and the operating system.
If Google have implemented new features that aren’t compatible with your browser it will change the content presented to your browser.
If you have the developer menu enabled in Safari you can change how the browser declares itself to Google. In my instance I had to use a customised setting to replicate what your browser would declare.

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.75.14 (KHTML, like Gecko) Version/9.6.3 Safari/9746A194A

When my browser is default it declares the following

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15

Depending on which is used I get a different URL and different content.

You can try to enable your developer menu and use my settings to see what happens but it may break how some sites work.

Ps.
Chrome, Firefox and Microsoft Edge all show the following URL https://www.google.com.au/?gws_rd=ssl
My Safari shows https://www.google.com.au/?client=safari

Are you saying by changing User Agent you’re trying to trick Google in to thinking Firefox Version 5.0 running in Mac OS 10.15.6 Catalina is actually Safari Version 9.1.3 running in Mac OS 10.9.5 Mavericks? Is that right?

If I change User Agent (the options I see are: Safari 9.1.3, Safari iOS 9.3 - iPhone, Safari iOS 9.3 - iPod Touch, Safari iOS 9.3 - iPad, Microsoft Edge, Internet Explorer 11, Internet Explorer 10, Internet Explorer 9, Internet Explorer 8, Internet Explorer 7, Google Chrome - Mac, Google Chrome - Windows, Firefox - Mac, Firefox - Windows) it doesn’t matter which option I choose it makes no difference! I still get the same URL: https://www.google.com.au/#spf=xxxxxxxxxxxxx.

Your thought that if Google has implemented new features that aren’t compatible with my browser version it will change the content presented in the browser is an interesting thought, but I doubt would be correct as what would be more likely to happen is I’d still see the current version of Google Search, but that the new features simply wouldn’t work. In other words it’s not going to replace the current Google Search with a 20 year old version of Google Search.

My question to Google would be “Why are you even or still running an old 20+ year version of Google Search on your servers? Further why are you redirecting (because that’s what’s actually happening) some users to your old search engine”?

When I change the “User Agent” settings it pretends to Google that I am using a different browser but it won’t change how my browser functions. So Google may send information to the browser that it isn’t able to interpret.

Does the “User Agent” menu have an “Other…” option at the bottom?
If so you can copy and paste the text from my previous post.
As your Safari is an old version it probably won’t have any options to choose a browser later than when it was released (or last updated).

It may be a bug or something that Google have changed intentionally on their end.
Either way your version of Safari won’t display the most recent Google interface.
Don’t think there is anything you can do at your end to fix it. Only Google can.

Here’s a selection of screenshots of what Google Search currently looks like in my browser:


There are other functionality differences too, but that can’t obviously be shown in a screenshot. If you compare the screenshots to what you see in Google in say Chrome or the current Safari you’ll see just how different they are! What you see in Google Search is what I saw prior to 11 Aug 2020, but now I see as per the screenshots! You can clearly see Google has redirected me to their old ‘classic’ search engine!

In my version of Safari under ‘User Agent’ there is indeed an ‘Other’ (Custom User Agent) option. I did as you suggest (using your browser default setting) and it still makes no difference!

You say “Your version of Safari won’t display the most recent Google interface”, But the whole point is that it WAS displaying the most recent Google interface - up untill 10 August 2020! After that date I only get Google’s ‘classic’ interface!

You say it may be a bug at Google’s end or even something Google have changed intentionally (or unintentionally) at their end? I’ll agree to the point that I too believe the issue is of Google’s doing since clearly I’ve done nothing at my end! However this still doesn’t explain why only a minority of or a select few users are affected - even those using a current browser version! e.g. Internet Explorer 11 user ‘Triplehammer’ also being affected!

Google have a ‘Report a problem with Google Search’ page (https://support.google.com/websearch/answer/6223687?co=GENIE.Platform%3DDesktop&hl=en&oco=0)

I’ll see if I can submit a report and also a ‘Report suspicious redirects’ since my current Google Search page IS being redirected (against my wishes!) to the old Google Search page.

Before I try to file a report with Google. Could it be due to a browser ‘hijacker’ having infected my computer causing Safari to only serve an old version of Google Search? I did a scan of course (using ‘Malwarebytes Anti-Malware’), but no threats were found.

I doubt it’s any sort of browser hijacking as I get the same thing happening when I change my user agent settings.

I’ve submitted a report to Google through their ‘Send feedback’ option at the bottom of any results page. I had to submit it through Google Search in Chrome since classic Google Search has no such option. Anyway I’ve asked they (Google) contact me about the issue since it’s clearly the result of something they’ve done at their end so only they can fix it. whether I get a reply I’ll have to wait and see.

I’ve found a little piece of information. The ‘#’ appearing in the URL indicates a ‘fragment’ with ‘spf=xxxxxxxxxxxxx’ being the fragment in this case.

From my Googling:

“Any URL that contains a # character is a fragment URL. The portion of the URL to the left of the # identifies a resource that can be downloaded by a browser and the portion on the right, known as the fragment identifier, specifies a location within the resource” (Blog.HttpWatch.com)

In other words a fragment refers to a section within a webpage.

If I go to google.com.au and choose ‘Develop/Show Page Resources’ from Safari’s menu, I can see under ‘Resource’ for the ‘Location’, where it gives a breakdown of the URL, it does indeed give Fragment as spf=xxxxxxxxxxxxx.

Here’s a screenshot: