W3C home > Mailing lists > Public > www-tag@w3.org > February 2011

RE: ACTION-472: New Mime-web-info draft

From: Larry Masinter <masinter@adobe.com>
Date: Tue, 1 Feb 2011 09:18:12 -0800
To: Yves Lafon <ylafon@w3.org>
CC: "Eric J. Bowman" <eric@bisonsystems.net>, "nathan@webr3.org" <nathan@webr3.org>, "ashok.malhotra@oracle.com" <ashok.malhotra@oracle.com>, Jonathan Rees <jar@creativecommons.org>, Noah Mendelsohn <nrm@arcanedomain.com>, "www-tag@w3.org" <www-tag@w3.org>
Message-ID: <C68CB012D9182D408CED7B884F441D4D058EDDD6BD@nambxv01a.corp.adobe.com>
>> Wasn't there a proposed (or implemented) "I really mean the content-type
>> header please don't sniff" HTTP header?

> Yes: "MIME-Handling: Sniffing Opt-Out"

> Discussion thread here:
> http://lists.w3.org/Archives/Public/ietf-http-wg/2008JulSep/0002.html

> I mean it will always lead to "I really mean it" and "I really really mean 
> it" (wash, rinse, repeat)

Not necessarily. What's necessary is a reasonable transition plan,
e.g., that browsers implement and deploy (with significant distribution...
say 75%) before web sites start sending.

I think partly the question is not "is sniffing good or bad" but rather
"who does the sniffing". Let's say the header was:

MIME-Handling: Already-did-sniffing

That is: "The content-type labeled here is a result of sniffing
on the server". 

This doesn't tell the client what to do, it just tells the client that
the server already did whatever sniffing the server thought was appropriate
for this server's content.

The observation is that many servers *have* to do sniffing because
the server-side file extensions are inadequate. But, having done it
once, don't do it again.

The "sniffing" draft is now a work item of websec, not sure how to
coordinate that, or whether we should send a comment through that
working group?


Larry
Received on Tuesday, 1 February 2011 17:19:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 26 April 2012 12:48:30 GMT