Christopher Schultz wrote:
[...]
Yes, they do. MS, contrary to W3 specifications, sniffs the content of a
page and chooses the encoding and ignores any server-specified encoding.
It also does this with MIME types. (Sorry, can't find the reference
right now).
[...]
Here is a start, sympathetic to Microsoft :
http://blogs.msdn.com/ie/archive/2005/02/01/364581.aspx
And here is another relevant MS technical document (not for the faint of
heart) :
http://msdn.microsoft.com/en-us/library/ms775147.aspx
On the other hand, the HTTP 1.1 RFC section 7.2.1
http://www.w3.org/Protocols/rfc2616/rfc2616-sec7.html#sec7.2.1
says :
quote
Any HTTP/1.1 message containing an entity-body SHOULD include a
Content-Type header field defining the media type of that body. If and
only if the media type is not given by a Content-Type field, the
recipient MAY attempt to guess the media type via inspection of its
content and/or the name extension(s) of the URI used to identify the
resource. If the media type remains unknown, the recipient SHOULD treat
it as type "application/octet-stream".
unquote
(notice the "*if and only if* the media type is not given..")
In other words, IE's content sniffing is in clear violation of the HTTP
1.1 RFC, 99% of the time.
On the other hand, I once read a justification by one of the Microsoft
developers (as I recall that one was related to their implementation of
DAV, or "Web Folders"), which essentiually said this : there are
hundreds of millions of Windows (and IE) users, and most of them are
*not* developers. So, although we are ourselves developers and we would
very much like to adhere to the standards, our marketing people just
won't let us, if it risks inconveniencing several hundred million
average Windows users (and Microsoft customers), just to please the tiny
minority of several hundred thousand developers.
I think it's an argument, even a relatively democratic one ...
I also personally believe that if the Microsoft developers had not
started down the path a long time ago to believe that they could be
smarter than everyone else and could outguess webservers, and instead
had respected the HTTP RFC and just been more careful about which
documents IE opens (or worse, runs), they would have saved Microsoft and
the world countless bugs, countless viri and countless unproductive
hours of web-developer's forced work-arounds.
What I do not however understand is, considering the flak that each IE
bug or security advisory generates, why MS have never decided to create
and market another parallel browser (or maybe just one checkbox in the
regular IE), that would make it RFC-compliant. This way users could
just choose to either use a browser that is RFC-compliant and boring and
safe(r), or else enjoy all the gimmicks but risk the consequences.
But hey, I also do not know in how many viri-scanning companies MS owns
shares..
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]