Am 26.05.2011, 22:58 Uhr, schrieb Julian Reschke <julian.resc...@gmx.de>:
On 2011-05-26 22:54, Dennis Joachimsthaler wrote:
Am 26.05.2011, 22:53 Uhr, schrieb Boris Zbarsky <bzbar...@mit.edu>:
Probably no one, to a first approximation, but we were specifically
talking about non-Windows systems. On Windows, as I said, Gecko forces
extensions to match content types, to avoid this sort of issue in
general.
Yep, yep... If browsers implement the filename (+ extension) name
changing
we should make it a MUST to implement security...
...
Like
<http://greenbytes.de/tech/webdav/draft-ietf-httpbis-content-disp-latest.html#rfc.section.4.3>?
Best regards, Julian
Ah, that sort of security is a SHOULD here, already.
We should just copy this over, it looks good.
Browsers should just use the same behaviour when encountering the function
in
a HTML attribute.
I forsee a great future :-)
- Dennis Joachimsthaler