Carsten Orthbandt <[EMAIL PROTECTED]> wrote: > It's obviously no big deal to re-add [Content-Type headers]. The point is > that all available material said that stripping Content-Type would be fine > and in fact it was. Now it's not and I suspect that we are not the only > ones to get bitten by it. A webapp that spews hundreds of red errors in > Firefox is simply not an option.
My company's firewall blocks all incoming HTTP responses that do not contain a valid Content-Type. I suspect that we are not alone in doing this. If you are selling such an application, would your customers find it acceptable that people couldn't access it? -- Stewart Brodie Software Engineer ANT Software Limited
