The charset sniffing is also complicated by the fact that sometimes user agents need to parse some of the HTML to find a <meta> element. In some situations, user agents need to restart the parsing algorithm, which is quite delicate and better to describe in the same document as HTML parsing (at least for use by HTML processing engines).
Adam On Sun, Oct 23, 2011 at 8:24 PM, Tobias Gondrom <tobias.gond...@gondrom.org> wrote: > <hat="individual"> > I tend not to agree with that. > > The fact that charset sniffing might happen at the same time as > mime-sniffing does not seem like a strong argument to include this in the > draft. > > Furthermore I would rather have these issues separate: > First you determine the content-type and then after that you may want to > determine the charset used within that content-type (if you really have to > sniff the charset). I can also imagine that charset sniffing algorithm might > be depending on the application identified by the sniffed mime-type, which > again would speak against throwing it in together with mime-sniffing.... > > Kind regards, Tobias > > > > On 24/10/11 00:55, websec issue tracker wrote: >> >> #22: content-type sniffing should include charset sniffing >> >> the HTML5 spec contains some algorithms for sniffing charset, overriding >> labeled charset, etc. >> >> MIME parameters like charset are as much a part of the content-type as >> the >> base internet media type, and any sniffing of parameters and other >> metadata (overriding content-type or guessing where it is not supplied or >> wrong) should be included in this document, since the sniffing will >> happen >> at the same time. >> > > _______________________________________________ > websec mailing list > websec@ietf.org > https://www.ietf.org/mailman/listinfo/websec > _______________________________________________ websec mailing list websec@ietf.org https://www.ietf.org/mailman/listinfo/websec
