- From: Maciej Stachowiak <mjs@apple.com>
- Date: Tue, 21 Aug 2007 19:10:42 -0700
- To: Roy T. Fielding <fielding@gbiv.com>
- Cc: Ian Hickson <ian@hixie.ch>, public-html@w3.org

On Aug 21, 2007, at 5:34 PM, Roy T. Fielding wrote:

> On Aug 21, 2007, at 4:02 PM, Maciej Stachowiak wrote:
>> The sniffing behavior in HTML5 is not orthogonal to the rest of the
>> spec. It depends on the loading context.
>> <iframe src="gif-sent-with-text-plain-type.txt"> will have different
>> results than <img src="gif-sent-with-text-plain-type.txt">. This is
>> necessary both for compatibility and to minimize the scope of the
>> content sniffing.
>
> No, it just guarantees that intermediaries (which have no idea of the
> context) will always have a different sniffing algorithm than the
> browsers. Brilliant. Are there any other security holes in MSIE you
> want to make standard?

Can you clarify how it is a security hole to treat something as either a GIF image or unknown binary data in different contexts, when the server incorrectly reports it to be text/plain? The vulnerability is not obvious to me.

Regards,
Maciej

Received on Wednesday, 22 August 2007 02:10:52 UTC