[whatwg] Style sheet loading and parsing (over HTTP)

On May 25, 2007, at 12:43, Gervase Markham wrote:

> Although I also mention my story as a general counterpoint to the  
> "Well, obviously the browser should Do The Right Thing if the  
> Content-Type is wrong" viewpoint. Content sniffing can have  
> security consequences.

Aren't the security consequences mitigated if both Bugzilla and  
browsers implement the sniffing as specified in HTML 5? That seems to  
be the intent of speccing the sniffing.

It seems to me that the safer way to show plain text in a browser  
content area is to use text/html and <plaintext>. :-/

-- 
Henri Sivonen
hsivonen at iki.fi
http://hsivonen.iki.fi/

Received on Friday, 25 May 2007 04:25:53 UTC