Re: Microsoft's "I mean it" content-type parameter from Henrik Nordstrom on 2008-07-03 (public-html@w3.org from July 2008)

From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Fri, 04 Jul 2008 00:36:50 +0200
To: Jamie Lokier <jamie@shareable.org>
Cc: Julian Reschke <julian.reschke@gmx.de>, "William A. Rowe, Jr." <wrowe@rowe-clan.net>, Robert Collins <robertc@robertcollins.net>, HTTP Working Group <ietf-http-wg@w3.org>, "public-html@w3.org" <public-html@w3.org>
Message-Id: <1215124610.32469.34.camel@henriknordstrom.net>

On tor, 2008-07-03 at 14:29 +0100, Jamie Lokier wrote:
> Also, it might it be invoked by servers which report *no* Content-Type?

Sniffing IS allowed in HTTP when there is no Content-Type. But if there
is a Content-Type is MUST be trusted to be correct.

Simple, efficient, beautiful. But fails when the content author has no
realistict means of controlling the content-type reported by the
server..

Regards
Henrik

Received on Thursday, 3 July 2008 22:37:54 UTC