W3C home > Mailing lists > Public > whatwg@whatwg.org > May 2007

[whatwg] Style sheet loading and parsing (over HTTP)

From: Henri Sivonen <hsivonen@iki.fi>
Date: Fri, 25 May 2007 14:25:53 +0300
Message-ID: <13CFB6FD-EC4F-489F-A10D-8268B302A091@iki.fi>
On May 25, 2007, at 12:43, Gervase Markham wrote:

> Although I also mention my story as a general counterpoint to the  
> "Well, obviously the browser should Do The Right Thing if the  
> Content-Type is wrong" viewpoint. Content sniffing can have  
> security consequences.

Aren't the security consequences mitigated if both Bugzilla and  
browsers implement the sniffing as specified in HTML 5? That seems to  
be the intent of speccing the sniffing.

It seems to me that the safer way to show plain text in a browser  
content area is to use text/html and <plaintext>. :-/

-- 
Henri Sivonen
hsivonen at iki.fi
http://hsivonen.iki.fi/
Received on Friday, 25 May 2007 04:25:53 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:58:55 UTC