W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: Questions about draft-abarth-mime-sniff-00

From: Adam Barth <w3c@adambarth.com>
Date: Mon, 6 Apr 2009 18:34:54 -0700
Message-ID: <7789133a0904061834sf7790des166f494da6bc437f@mail.gmail.com>
To: Martin J. Dürst <duerst@it.aoyama.ac.jp>
Cc: Lisa Dusseault <lisa.dusseault@messagingarchitects.com>, HTTP Working Group <ietf-http-wg@w3.org>
On Mon, Apr 6, 2009 at 6:26 PM, "Martin J. Dürst"
<duerst@it.aoyama.ac.jp> wrote:
> For proxies and firewalls, the story may not be as simple.
> How will they be able to distinguish between content sent to
> browsers (where they can assume that the algorithm in this draft
> applies) and other content?

Their behavior will depend on their purpose.  Some proxies will wish
to be conservative and err on the side of safety (i.e., filter/block
assuming both sniffing and non-sniffing user agents).  Ultimately,
having two kinds of clients (sniffing and non-sniffing) is an
improvement on having the N types of clients we have today (where each
rolls its own sniffing algorithm).

Another option we could consider is supporting something like IE8's
X-Content-Type-Options: nosniff (whereby proxies and servers could
instruct their clients not to sniff).

Adam
Received on Tuesday, 7 April 2009 01:35:44 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:02 GMT