On Fri, 25 May 2007, Gervase Markham wrote: > > Although I also mention my story as a general counterpoint to the "Well, > obviously the browser should Do The Right Thing if the Content-Type is > wrong" viewpoint. Content sniffing can have security consequences.
Yes, content-sniffing capable of privilege escalation is dangerous. I don't think the HTML5 sniffing algorithm can ever do that, but let me know if you find a way in which it can. (<img> element sniffing is under-defined right now, I need to define "a valid image" to not include SVG unless it has a privileged MIME type. But that's the only hole I know of.) -- Ian Hickson U+1047E )\._.,--....,'``. fL http://ln.hixie.ch/ U+263A /, _.. \ _\ ;`._ ,. Things that are impossible just take longer. `._.-(,_..'--(,_..'`-.;.'
