W3C home > Mailing lists > Public > whatwg@whatwg.org > May 2007

[whatwg] Style sheet loading and parsing (over HTTP)

From: Gervase Markham <gerv@mozilla.org>
Date: Fri, 25 May 2007 10:43:12 +0100
Message-ID: <4656AFB0.10208@mozilla.org>
Ian Hickson wrote:
> Note that the HTML5 spec requires browsers not to convert text/plain to a 
> more dangerous type (text/plain is either treated as text/plain or 
> application/octet-stream according to the spec).


Although I also mention my story as a general counterpoint to the "Well, 
obviously the browser should Do The Right Thing if the Content-Type is 
wrong" viewpoint. Content sniffing can have security consequences.

Received on Friday, 25 May 2007 02:43:12 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:55 UTC