Re: X-Content-Type-Options: nosniff

On Wed, Apr 8, 2015 at 7:38 PM, David Walp <David.Walp@microsoft.com> wrote:
> Please, can you share which version of Internet Explorer you were working with?  Not sure if you know that in Windows 10  there has been a focus on making the browser interoperable with the actual Web.  A result of this work is a number of changes in the area you describe for the Windows 10 browser.  I wanted to know if these changes were reflected in your analysis.

I used IE11 on Windows 10.

I ended up adding this to the specification by the way:

  https://fetch.spec.whatwg.org/#x-content-type-options-header

There's still some open questions about which specifications should
define the MIME type whitelists, but in general it should be pretty
clear now how to implement it in a way that is mostly interoperable
with IE11 (except for where it dispatches load rather than error and a
few other minor things) and Chrome (when it comes to <script> anyway).


-- 
https://annevankesteren.nl/

Received on Wednesday, 8 April 2015 17:59:04 UTC