W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

RE: Content Sniffing impact on HTTPbis - #155

From: Brian Smith <brian@briansmith.org>
Date: Mon, 1 Jun 2009 14:22:41 -0500
To: "'Mark Nottingham'" <mnot@mnot.net>, "'HTTP Working Group'" <ietf-http-wg@w3.org>
Message-ID: <002501c9e2ee$5607b7d0$02172770$@org>
Mark Nottingham wrote:
> The text in question is in p3 section 3.2.1:
> > If and only if the media type is not given by a Content-Type field,
> > the recipient MAY attempt to guess the media type via inspection of
> > its content and/or the name extension(s) of the URI used to identify
> > the resource. If the media type remains unknown, the recipient
> > SHOULD treat it as type "application/octet-stream".

"If and only if...MAY..." is not the same as "MUST NOT ... if not". That is,
the above statement doesn't forbid an implementation from doing content
sniffing since it isn't a MUST NOT requirement.

> 1) remove the text "If and only if the media type is not given by a
> Content-Type field", leaving the specification of the sniffing
> algorithm to a separate document (possibly with some further
> constraints to discourage sniffing unless it's controlled, but this
> would be necessarily vague), or

+1. How applications interpret content is not really relevant as far as the
protocol is concerned. The HTTP specification should make it clear what
Content-Type represents and let applications decide whether (and how) to
make use of it.

- Brian
Received on Monday, 1 June 2009 19:23:16 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC