- From: Maciej Stachowiak <mjs@apple.com>
- Date: Sat, 30 May 2009 16:16:39 -0700
- To: Larry Masinter <masinter@adobe.com>
- Cc: Adam Barth <w3c@adambarth.com>, Ian Hickson <ian@hixie.ch>, Sam Ruby <rubys@intertwingly.net>, Anne van Kesteren <annevk@opera.com>, "Roy T. Fielding" <fielding@gbiv.com>, HTML WG <public-html@w3.org>
On May 30, 2009, at 10:09 AM, Larry Masinter wrote: > In the interest of improved stability, reliability, > security and extensibility of the Internet, I would > like to see some back-pressure on this by a > commitment from the browser vendors to restrict > content-type sniffing to those HTTP requests > which result from following links from HTML > documents which do not contain any features > not supported in currently widely deployed > browsers -- which is the minimum scope necessary > to accomplish the goals of this document. I.e., > if a web page contains any *new* HTML5 feature, > then content-type sniffing would NOT work. The browser vendors are all trying to scale back the scope of content sniffing. Agreeing on a consistent way to do it that can be shared with other browsers is one key step. Removing sniffing of HTML from text/plain is a very big step. However, your specific proposal for how to restrict the scope is not workable. Sniffing is there to deal with the linked resource being misconfigured. To treat the linked resource differently based on where the link came from is inconsistent with the architecture of the Web; links from anywhere to anywhere should work the same. Furthermore, this means that the moment a page uses a new HTML5 feature, it is at risk of its links to wholly external resources breaking. This is inconsistent with our goal to make it safe and easy to adopt new HTML5 features incrementally. This is why HTML5 is free of ocean-boiling big red switches. Regards, Maciej
Received on Saturday, 30 May 2009 23:17:18 UTC