On Wed, 01 Sep 2010 15:14:10 +0200, Boris Zbarsky <[email protected]> wrote:
On 9/1/10 4:12 AM, Philip Jägenstedt wrote:
If we start ignoring the Content-Type I expect we would also add
sniffing so that opening a video served with the wrong (or missing)
Content-Type still works in a top-level browsing context, as it does for
images (I think).
It can't possibly work for images. If I send a file as text/html, and
you load it from an <img> then you will render it as an image (possibly
a broken one). If you load it from a toplevel browsing context you will
render it as text/html, even if it's image data (where "you" possibly
excludes IE/Windows, which will do some sniffing in that situation).
Huh, I guessed incorrectly, neither serving a PNG as text/plain or
text/html makes it be sniffed and rendered in a top-level browsing context
in Opera. However, both work in IE8.
Why do you say that it can't possibly work? Are there any security risks
with the browser potentially interpreting a plain text or HTML document
and failing to decode it? Anything else?
--
Philip Jägenstedt
Core Developer
Opera Software
