hat=individual
personally I like the scope beyond http-only.
#1 The mis-configured header website part is in my view the main use case.
But scenarios where no content-type can be transmitted in the header,
like other protocols (e.g. ftp), filesystem, etc. seem to make sense too.
So in general
#15: Clarify scope of web sniffing
This issue may be broken down into several (is X in scope?) but this issue
is meant to cover the overall question to start with.
The introduction to the document cites the existence of mis-configured web
content served via HTTP as the primary justification
