W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: comments on draft-barth-mime-sniffing

From: Joe D Williams <joedwil@earthlink.net>
Date: Wed, 17 Jun 2009 11:57:51 -0700
Message-ID: <7B98A144DE7849199C515B9E8F78D220@joe1446a4150a8>
To: "Adam Barth" <w3c@adambarth.com>
Cc: "Jonas Sicking" <jonas@sicking.cc>, "Mark Nottingham" <mnot@mnot.net>, "Dave Singer" <singer@apple.com>, "Shane McCarron" <shane@aptest.com>, <robert@ocallahan.org>, "Ian Hickson" <ian@hixie.ch>, "Larry Masinter" <masinter@adobe.com>, <ietf-http-wg@w3.org>, <public-html@w3.org>



> Hi Joe,

> I had a lot of difficulty understanding your message.  Are you 
> suggesting we sniff the media type from the file extension for audio 
> /video content?

Sorry Adam, I am saying any UA sniffing except the file extension is 
fruitless in the cases of <audio> and <video> given the spec group of 
content types allowed for these elements. In particular, the served 
content type is unpredicable and there is nothing inside the file that 
UA needs to know about before passing this type of file to the 
handler.

>> In particular, there are no "Security" issues.

If that is true for this set of elements using specified content 
models, then any sniffing that needs to be done is just the UA trying 
to shield the handler, which in this case should not be necessary. In 
particular, if there is any user interaction required to get these 
going, it should not be based on any security issure, just agreement 
with the users requested browsing environment.

But really, I'm just trying to make sure that it is a easy and 
reliable as feasible to use these. I think in this case the model says 
no need to sniff the file for anything else than it has the proper 
file extension for the element. Mostly, just load and run the thing 
asap.

Thanks and Best Regards,
Joe

> Adam
Received on Wednesday, 17 June 2009 18:58:38 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 27 April 2012 06:51:04 GMT