- From: Ian Hickson <ian@hixie.ch>
- Date: Thu, 24 Jul 2008 22:33:05 +0000 (UTC)
- To: Simon Pieters <simonp@opera.com>
- Cc: public-html <public-html@w3.org>
On Thu, 23 Aug 2007, Simon Pieters wrote: > > The spec says about <object>: > > 4. Determine the resource type, as follows: > > Big Issue: This says to trust the type. Should we instead use > the same mechanism as for browsing contexts? > > I've done some ad-hoc testing. (See these test cases as demos -- I'm not > entirely sure the pass conditions are actually according to the current > spec...) It seems that some sniffing is happening in browsers. > > > gif as text/plain: > http://simon.html5.org/test/html/semantics/object/mislabeled/001.htm > > Safari treats the resource as application/octet-stream, and downloads it (then > shows the fallback). > > Firefox uses the fallback. > > Opera shows the image. > > IE7 treats the resource as text/plain if some security setting is enabled, but > the infobar pops up and says that the content might not show up correctly. > When clicking the infobar and choosing "show restricted content" it is treated > as application/octet-stream, and a download dialog appears. The spec says to treat the image as image/gif, as of yesterday (until yesterday it said to treat it as application/octet-stream). > gif as text/html: > http://simon.html5.org/test/html/semantics/object/mislabeled/002.htm > > Abovementioned browsers treat it as HTML. Spec agrees. > gif as image/png: > gif as image/jpeg: > http://simon.html5.org/test/html/semantics/object/mislabeled/003.htm > http://simon.html5.org/test/html/semantics/object/mislabeled/004.htm > > It seems that image types are treated the same in browsers, and the > resources are basically fed through the image library that reads the > first few bytes before deciding what type of image it is. (This is also > the case for browsing contexts, btw.) Spec agrees. > flash as text/plain: > flash as text/plain with .swf extension: > http://simon.html5.org/test/html/semantics/object/mislabeled/005.htm > http://simon.html5.org/test/html/semantics/object/mislabeled/006.htm > > It seems the file extension makes a difference in some browsers. > > Safari treats the first as application/octet-stream (just like with 001) > and the second as application/x-shockwave-flash. > > Firefox treats both as text/plain. > > Opera uses the fallback for the first and treats the second as > application/x-shockwave-flash. > > IE7 treats the first as text/plain but shows the infobar (just like with > 001) and the second as application/x-shockwave-flash. The spec right now for <object> isn't influenced by the extension (it is for <embed>, though I'd like to change that). If we add Flash to the list of sniffable types, then these would get treated as Flash. > flash as application/octet-stream: > flash as application/octet-stream with .swf extension: > http://simon.html5.org/test/html/semantics/object/mislabeled/007.htm > http://simon.html5.org/test/html/semantics/object/mislabeled/008.htm > > Safari, Opera and IE7 use the fallback for the first and treat the second as > application/x-shockwave-flash. > > Firefox uses the fallback for both. Right now the spec treats application/octet-stream as a flag that means "defer to the type="" attribute". If there is no type attribute, it gets treated as application/octet-stream. Should we invoke the unknown type sniffing rules at that point? > flash as application/octet-stream, with type="": > flash as application/octet-stream with .swf extension, with type="": > http://simon.html5.org/test/html/semantics/object/mislabeled/009.htm > http://simon.html5.org/test/html/semantics/object/mislabeled/010.htm > > Safari treats both as application/x-shockwave-flash. > > Opera and Firefox use the fallback for the first and treats the second as > application/x-shockwave-flash. > > IE7 doesn't seem to ever finish loading these...? But the Flash plugin is used > for both nevertheless. > > Note that not treating 010 as application/x-shockwave-flash caused problems > for Mozilla: > > https://bugzilla.mozilla.org/show_bug.cgi?id=389677 application/octet-stream with type="" always defers to the type in the spec. -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
Received on Thursday, 24 July 2008 22:33:40 UTC