Agreed, but people seem to often miss this point. There is nothing special in browsers that allows them to do something that "scripts" cannot do. They are both HTTP user agents.
I hate the whole song and dance too with how you have to fake your user agent and add human like delay to interactions whenever you make a useful script on the web these days. You aren't stopping malicious behavior since they know how to penetrate these systems trivially, you just make it harder for the average user who has to learn as they go how to rope around these issues and hope they don't get IP banned along the way for making a website slightly more useful to them.