On 07.09.2010 11:51, And Clover wrote:
On 09/07/2010 03:56 AM, Boris Zbarsky wrote:
P.S. Sniffing is harder that you seem to think. It really is...
Quite. It surprises and saddens me that anyone wants to argue for *more*
sniffing, and even enshrining it in a web standard.
+1
Sniffing is a perpetual disaster that, after several security-sensitive
problems, web browsers have been moving to deprecate/mitigate. If
browsers want to guess types when no Content-Type is specified(*) then
fine, but there is no good reason to ignore an explicitly-set type. I
don't want my `application/octet-stream` file download service to be
repurposeable as a video player for some other party!
Hmm, that's what "Content-Disposition: attachment" is for...
...
Best regards, Julian
