W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2010

Re: TAG requests addition to section 3.2.1 of Part 3 [#155]

From: Henrik Nordström <henrik@henriknordstrom.net>
Date: Mon, 21 Jun 2010 10:21:54 +0200
To: Mark Nottingham <mnot@mnot.net>
Cc: HTTP Working Group <ietf-http-wg@w3.org>
Message-ID: <1277108514.24124.60.camel@henriknordstrom.net>
lör 2010-06-19 klockan 12:03 +1000 skrev Mark Nottingham:
> Just to the HTTPbis WG: any objections to this revised text for #155?

Would have helped if the text had been quoted together with the
question. I guess from the thread that it's this:


        In practice, currently-deployed servers sometime provide a
        Content-Type header which does not correctly convey the intended
        interpretation of the content sent, with the result that some
        clients will examine the response body's content and override
        the specified type.
        Client that do so risk drawing incorrect conclusions, which may
        expose additional security risks (e.g., "privilege escalation").
        Implementers are encouraged to provide a means of disabling such
        "content sniffing" when it is used.
If this is the text you refer to then +1 From me. I think this
represents the general view of the group, and works well together with
the rest of the document text on Content Type.

Received on Monday, 21 June 2010 08:22:30 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 11:10:53 UTC