On Sun, Oct 23, 2011 at 8:26 PM, Larry Masinter wrote:
>> Agree with this one.
>> With one addition: it must be clear, that if you "opt-in" for sniffing, than
>> you MUST (SHOULD?) follow the mime-sniffing algorithm.
>
> I don't think that's possible. I think the crux of this issue is that I don'
> Agree with this one.
> With one addition: it must be clear, that if you "opt-in" for sniffing, than
> you MUST (SHOULD?) follow the mime-sniffing algorithm.
I don't think that's possible. I think the crux of this issue is that I don't
think the "mime-sniffing algorithm" is currently structured
Agree with this one.
With one addition: it must be clear, that if you "opt-in" for sniffing,
than you MUST (SHOULD?) follow the mime-sniffing algorithm.
Kind regards, Tobias
On 24/10/11 00:48, websec issue tracker wrote:
#20: Sniffing should be "opt in" on a case-by-case basis
The way t
#20: Sniffing should be "opt in" on a case-by-case basis
The way the document is written as a normative algorithm makes it hard to
say this, but:
Every implementation should be free to "opt out" of sniffing based on
other information it has (previous experience with the site, information
bas