- From: Adam Barth <w3c@adambarth.com>
- Date: Fri, 12 Jun 2009 22:31:14 -0700
- To: Adrien de Croy <adrien@qbik.com>
- Cc: David Morris <dwm@xpasc.com>, ietf-http-wg@w3.org
On Fri, Jun 12, 2009 at 7:57 PM, Adrien de Croy<adrien@qbik.com> wrote: > Adam Barth wrote: >> For better or worse, we can't use file extensions as part of the >> content sniffing algorithm because it's insecure. In many attack >> scenarios, the attacker chooses the file extension. > > I presume therefore you can't use the content-type or file content either, > since these are also potentially provided by an attacker? The content sniffing algorithm is a careful balancing act of compatibility and security concerns. For an in-depth discussion of the security rationale behind the current algorithm, please see: http://www.adambarth.com/papers/2009/barth-caballero-song.pdf > I'm not sure what a Windows client that wants to launch an external > application will do if it can't use the file extension, unless there's some > database in Windows that maps to executables on some index other than file > extension? Thankfully this algorithm is not intended for use by a Windows client in determining which external application to launch. > How does Chrome handle this? Chrome determines which external application to launch by the file extension, not by the media type. However, that's somewhat irrelevant to this discussion. Adam
Received on Saturday, 13 June 2009 05:32:11 UTC