Ian Hickson wrote:
Note that the HTML5 spec requires browsers not to convert text/plain to a more dangerous type (text/plain is either treated as text/plain or application/octet-stream according to the spec).
Excellent.Although I also mention my story as a general counterpoint to the "Well, obviously the browser should Do The Right Thing if the Content-Type is wrong" viewpoint. Content sniffing can have security consequences.
Gerv
