The current mimesniff spec says that when the Apache workaround is
applied sniffing should still be able to detect the content as
PostScript, images, videos, archives, audio formats, etc.
I feel that this poses an unacceptable security risk due to allowing
content through firewalls that is
First, let's get down to use cases. Kyle did a great job of describing
some key use cases:
On Wed, 10 Jul 2013, Kyle Simpson wrote:
[Use-case Q:] I am dynamically loading one of those social widgets that,
upon load, automatically scans a page and renders social buttons. I need
to be able