W3C home > Mailing lists > Public > ietf-http-wg@w3.org > April to June 2009

Re: comments on draft-barth-mime-sniffing

From: Robert O'Callahan <robert@ocallahan.org>
Date: Wed, 17 Jun 2009 14:28:39 +1200
Message-ID: <11e306600906161928rd98d61dj8d966e0cf534f2a@mail.gmail.com>
To: David Singer <singer@apple.com>
Cc: Ian Hickson <ian@hixie.ch>, Adam Barth <w3c@adambarth.com>, Larry Masinter <masinter@adobe.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>, public-html@w3.org
On Wed, Jun 17, 2009 at 8:45 AM, David Singer <singer@apple.com> wrote:

> We're concerned about this, though we support the hope that we can get away
> from doing content-type sniffing in this area.
> 1) if you use a multimedia framework that you don't control, and it does
> content-type sniffing, then you get it whether you want it or not.
>  QuickTime does, so Safari does, right now.

But you (Apple) do control Quicktime, and that's no accident. There are
already many reasons why it's undesirable for a browser to depend on a
multimedia framework it doesn't directly or indirectly control.

But even if we end up allowing sniffing, we'll still definitely want
sniffing to be done consistently according to some spec, and media
frameworks will have to be changed to match.

2) End-users posting AV content rarely have access to the MIME type config.
> of their server (often, their ISP's server).  Getting the MIME type table
> updated can take ages.

That's OK, getting <video> support universally deployed will take ages too.
The old-school ISPs probably won't let you serve video from those accounts
anyway, and real hosting is cheap these days.

3) Once one browser gets a competitive 'edge' by sniffing, the rest usually
> follow.  It's hard to see why this would not happen in this case.

Sheer determination?

At least we can try being strict. If that doesn't work out, we can start
sniffing. It's impossible to go the other way.

Our data suggests that the amount of AV content on the net, today, that is
> served under 'wrong' MIME types is perhaps 10-15%, which doesn't seem
> ignorable.  One of the 'wrong' types is application/octet-stream, which
> seems to invite sniffing;  and of course a lot of the rest is text/plain,
> which is (I believe) Apache's default.

It's ignorable since that data is not currently served for consumption by
the <video> tag.

"He was pierced for our transgressions, he was crushed for our iniquities;
the punishment that brought us peace was upon him, and by his wounds we are
healed. We all, like sheep, have gone astray, each of us has turned to his
own way; and the LORD has laid on him the iniquity of us all." [Isaiah
Received on Wednesday, 17 June 2009 02:29:18 UTC

This archive was generated by hypermail 2.4.0 : Thursday, 2 February 2023 18:43:19 UTC