- From: Dan Connolly <connolly@w3.org>
- Date: Tue, 24 Feb 2009 13:12:49 -0600
- To: www-tag@w3.org
- Cc: public-w3c-ietf@w3.org
On Tue, 2009-02-24 at 12:10 -0600, Dan Connolly wrote: > Some news re ISSUE-24 contentTypeOverride-24... > http://www.w3.org/2001/tag/group/track/issues/24 > http://ietfreport.isoc.org/idref/draft-abarth-mime-sniff/ > Abstract > > Many Web servers supply incorrect Content-Type headers with their > HTTP responses. In order to be compatible with these Web servers, > Web browsers must consider the content of HTTP responses as well as > the Content-Type header when determining the effective mime type of > the response. This document describes an algorithm for determining > the effective mime type of HTTP responses that balances security and > compatibility considerations. I don't see anything in the Barth/Hickson draft that addresses or even acknowledges the feedback from when I put a similar draft together: [[ On Aug 17, 2007, at 1:51 PM, Dan Connolly wrote: > * Convince Web publishers to fix incorrectly labelled Web > content > and label it correctly in the future. > * Update the HTTP specification to match widely deployed > conventions captured in the HTML 5 draft. > > While the second option is unappealing, the first option seems > infeasible. It isn't infeasible. ... HTTP should not be changed to support broken and error-prone browsers. ... The Web needs to be able to support safety-critical information systems ... ]] -- Roy Fielding 17 Aug 2007 http://lists.w3.org/Archives/Public/www-tag/2007Aug/0034.html Hmm... perhaps this part acknowledges the feedback: "Note: The above algorithm is a willful violation of the HTTP specification. [RFC2616]" -- Dan Connolly, W3C http://www.w3.org/People/Connolly/ gpg D3C2 887B 0F92 6005 C541 0875 0F91 96DE 6E52 C29E
Received on Tuesday, 24 February 2009 19:13:01 UTC