W3C home > Mailing lists > Public > ietf-http-wg@w3.org > July to September 2008

Re: Microsoft's "I mean it" content-type parameter

From: William A. Rowe, Jr. <wrowe@rowe-clan.net>
Date: Thu, 03 Jul 2008 22:46:51 -0500
Message-ID: <486D9D2B.8090502@rowe-clan.net>
To: Justin James <j_james@mindspring.com>
CC: 'Karl Dubost' <karl@w3.org>, 'Daniel Stenberg' <daniel@haxx.se>, 'HTTP Working Group' <ietf-http-wg@w3.org>, public-html@w3.org

Justin James wrote:
> There are situations where content sniffing makes sense. 

Yes.  There is local file content.  There is unintelligent, ftp based
delivery.  These all need some context that doesn't exist behind the
delivery of the content.

> There are
> situations where it doesn't. The only way to resolve it is to have a flag
> that triggers a "no sniffing mode"; to do it the other way around (with a
> flag that *turns on* sniffing mode) would contradict existing behavior and
> therefore Break The Web.

Nonsense.  HTTP/1.1 defined the mechanism to do just this.  The fact that
vendors ignored this, suffered the consequences on vuln-dev and bugtraq,
and will continue to do so until they follow the protocol reiterates that
sniffing has a place, and within a well defined protocol this isn't it.
Received on Friday, 4 July 2008 03:47:41 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 17:13:36 UTC