- From: Phil Archer <phil.archer@icra.org>
- Date: Tue, 1 Feb 2005 09:31:56 -0000
- To: <www-rdf-interest@w3.org>
Thanks for this Charles and to Christopher Schmidt. Sorry for my slack terminology, Christopher, what I meant was that if I put a .rdf file on a Windows server and then browse to it (with any client), the sever gives a 404 response, even though the file is present. Clearly there are a lot of servers in use that don't support the RDF MIME type by default. However, they do support .xml. My organisation's aim is to get a significant number of websites to include RDF descriptions of their content for PICS-like (child protection) reasons. See http://www.w3.org/2004/12/q/doc/rdf-contentlabels.html Whilst it is easy for a professional to add a MIME type to a server, for hobby webmasters (and, let's be honest, a lot of "professional web designers") this is well beyond what can be expected.. So, the question is, does it make a practical difference if an RDF/XML instance is in a file with a .xml extension and a MIME type of application/xml, rather that nicely in a file with a .rdf extension and a MIME type of application.rdf+xml? Phil. ----- Original Message ----- From: "Charles McCathieNevile" <charles@sidar.org> To: "Phil Archer" <phil.archer@icra.org>; <www-rdf-interest@w3.org> Sent: Tuesday, February 01, 2005 4:16 AM Subject: Re: .rdf file extension security? > On Mon, 31 Jan 2005 22:13:32 -0000, Phil Archer <phil.archer@icra.org> > wrote: > >> Is there a security issue (real or perceived) around .rdf? Or is it just >> that the good folk at Geocities/Yahoo/BT haven't added .rdf to the list >> of allowed file types? > > I suspect the latter case. If you have real RDF it is pretty difficult to > include a security risk (although of course any file with any ending on > its name can carry something unpleasant...) > >> A Windows server I did manage to upload a .rdf file to then wouldn't >> serve it back under default settings. > > Hmmm. If you have to configure a windows server before it gets around to > handing back data you give it. Which seems a wierd design choice. > Otherwise, as already noted, it might just e served with a MIME type that > results in no software having a sensible indication of how to handle it. > > cheers > > -- > Charles McCathieNevile Fundacion Sidar > charles@sidar.org http://www.sidar.org >
Received on Tuesday, 1 February 2005 09:34:12 UTC