- From: Anne van Kesteren <notifications@github.com>
- Date: Wed, 21 Nov 2018 03:14:52 -0800
- To: whatwg/fetch <fetch@noreply.github.com>
- Cc: Subscribed <subscribed@noreply.github.com>
Received on Wednesday, 21 November 2018 11:15:14 UTC
annevk commented on this pull request.
> @@ -471,6 +685,9 @@ each other by 0x2C 0x20, in order.
"<code>text/plain</code>", then return false.
</ol>
+ <p class=warning>This intentionally does not use <a>extract a MIME type</a> as that algorithm is
+ rather forgiving and servers are not expected to implement it.
Yeah, but the security problem is a mismatch between the browser and a server and therefore this parser is more conservative.
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/whatwg/fetch/pull/831#discussion_r235346340
Received on Wednesday, 21 November 2018 11:15:14 UTC