Le 17 févr. 2012 à 19:25, Ryosuke Niwa a écrit : > On Fri, Feb 17, 2012 at 10:10 AM, Paul Libbrecht <p...@hoplahup.net> wrote: > I have one concern: media-types are likely to be insufficient and "flavour > names", whatever they are on the host platform should be allowed I think. > Almost arbitrary strings on Windows and Uniform Type Identifiers on Mac > should be allowed, I think. > > Realistically, I don't think we'll ever let the wild Web get/set arbitrary > data like that. But maybe we can do that for privileged websites (ones that > the user trusts).
I'm easy here. I sure do not want to slow down progress of this spec. I think it makes sense but well... (I find UTIs rather sexy since they have inheritance which media-types do not have). Hallvord, it should be called media-types btw, or? > Yes, it does happen: I think I know that in Windows the supported > flavour-names depend on the launched applications. On Mac it depends on the > applications whose descriptor has been loaded (by the Finder I think, it > might also be those that have been launched once). At least an application > download and launch can cause a change in the supported media-types of the OS. > > Right. These will become problems if we decide to expose all platform types. > > However, would the browsers be informed of such a change? Would they be able > to consider a given type as being safe and not needing a sanitization? > > I don't think that's possible without some sort of pre-knowledge about how > the data is processed. In practice, we always hard-code this kind of > information somewhere so I'm even not sure if such an elaborate behavior can > be implemented. If anyone is willing to consider trusted web-sites (and MSIE already does?) then it is worth included. paul
