Re: [w3ctag/design-reviews] JPEG XL decoding (#633)

> It is different than JPEG because we can't break all the JPEG-using pages by enforcing better security on them.

Sure, but if a user cannot update their web server to provide the correct MIME type for image/jxl and image/avif, then the result will be as insecure as serving image/jpeg, and will not get the benefits of the reduced bandwidth from using a new format - this looks to me like a worse final result.

> A server-side opt-in is not the right solution because opting in to protecting your users is the opposite of how we should be doing security; you should opt in to exposing data, not opt in to protecting data.

Still, a solution would then be to encourage web servers to opt in by default, instead of encouraging browsers to "opt in by default". This allows protection of old formats too, and it's not just limited to new formats. Moreover, adding barriers to adoption of a new format in the name of increased security will just result in the new format not being adopted at all, which doesn't end up improving security.

I cannot find any information on what kind of attacks would be possible due to MIME type sniffing on images in a Spectre-based world. Could you elaborate more on this?

-- 
Reply to this email directly or view it on GitHub:
https://github.com/w3ctag/design-reviews/issues/633#issuecomment-840668637

Received on Thursday, 13 May 2021 16:16:32 UTC