Re: X-Content-Type-Options: nosniff

Ok Anne, that was just awesome analysis. I'm very impressed with both
the depth and the clarity.

Aloha,
--
Jim Manico
@Manicode
(808) 652-3805

> On Apr 2, 2015, at 3:24 AM, Anne van Kesteren <annevk@annevk.nl> wrote:
>
>> On Thu, Apr 2, 2015 at 9:41 AM, Anne van Kesteren <annevk@annevk.nl> wrote:
>> I've been trying to figure out what this header does in Internet
>> Explorer 11 and Chrome dev and how we could maybe standardize it.
>
> <img> - Again only Internet Explorer supports this case. The network
> layer check is a filter on supported image formats. E.g. both
> image/png and image/gif MIME types can proceed and will produce a load
> event. However, if both are for a GIF resource that will only decode
> with the image/gif MIME type.
>
> That distinction would mean it's no longer just something we could
> check in Fetch. It means the image decoder (which typically handles a
> bunch of formats) needs to play an active role too. It's not entirely
> clear to me why it is desirable to be able to enforce a distinction
> between different image formats.
>
>
> --
> https://annevankesteren.nl/
>

Received on Friday, 3 April 2015 01:24:02 UTC