[html5] r1957 - [] (0) More cleanup around <img> elements and images: Make the sniffing more pre [...]

whatwg at whatwg.org whatwg at whatwg.org
Tue Jul 29 20:01:06 PDT 2008


Author: ianh
Date: 2008-07-29 20:01:05 -0700 (Tue, 29 Jul 2008)
New Revision: 1957

Modified:
   index
   source
Log:
[] (0) More cleanup around <img> elements and images: Make the sniffing more predictable (and maybe more secure), make it clear that <img> does sniffing, minor editorial fixes.

Modified: index
===================================================================
--- index	2008-07-30 02:24:02 UTC (rev 1956)
+++ index	2008-07-30 03:01:05 UTC (rev 1957)
@@ -6641,9 +6641,6 @@
       
   </table>
 
-  <p>User agents must ignore any rows for image types that they do not
-   support.
-
   <p>Otherwise, the sniffed type of the resource is the same as its <var
    title="">official type</var>.
 
@@ -15520,18 +15517,25 @@
    title=event-load>load</code> event</a> on the <code><a
    href="#img">img</a></code> element (this happens after <code
    title=dom-img-complete><a href="#complete">complete</a></code> starts
-   returning true). If the download fails or it completes but the image is
-   not a valid or supported image, the user agent must <a
-   href="#firing5">fire an <code title=event-error>error</code> event</a> on
-   the <code><a href="#img">img</a></code> element.
+   returning true). If the download fails without a response from the remote
+   server, or it completes but the image is not a valid or supported image,
+   the user agent must <a href="#firing5">fire an <code
+   title=event-error>error</code> event</a> on the <code><a
+   href="#img">img</a></code> element.
 
-  <p>The remote server's response metadata (e.g. an HTTP 404 status code, or
-   <a href="#content-type5" title=Content-Type>associated Content-Type
-   headers</a>) must be ignored when determining whether the resource
-   obtained is a valid image or not.
+  <p>Whether the image is fetched successfully or not (e.g. whether the
+   response code was a 2xx code or equivalent) must be ignored when
+   determining the image's type and whether it is a valid image.
 
-  <p class=note>This allows servers to return images with error responses.
+  <p class=note>This allows servers to return images with error responses,
+   and have them displayed.
 
+  <p>The user agents should apply the <a href="#content-type8"
+   title="Content-Type sniffing: image">image sniffing rules</a> to determine
+   the type of the image, with the image's <a href="#content-type5"
+   title=Content-Type>associated Content-Type headers</a> giving the <var
+   title="">official type</var>.
+
   <p>User agents must not support non-image resources with the <code><a
    href="#img">img</a></code> element. User agents must not run executable
    code (e.g. scripts) embedded in the image resource.
@@ -16654,7 +16658,8 @@
      href="#plugin">plugin</a> for it.
   </ol>
 
-  <p>Whether the resource is fetched successfully or not must be ignored when
+  <p>Whether the resource is fetched successfully or not (e.g. whether the
+   response code was a 2xx code or equivalent) must be ignored when
    determining the resource's type and when handing the resource to the
    plugin.
 

Modified: source
===================================================================
--- source	2008-07-30 02:24:02 UTC (rev 1956)
+++ source	2008-07-30 03:01:05 UTC (rev 1957)
@@ -4656,9 +4656,6 @@
     <!-- XXX Mozilla also detects ART (AOL proprietary format) and Windows Cursor files -->
   </table>
 
-  <p>User agents must ignore any rows for image types that they do not
-  support.</p>
-
   <p>Otherwise, the sniffed type of the resource is the same as
   its <var title="">official type</var>.</p>
 
@@ -13068,19 +13065,24 @@
   title="event-load">load</code> event</span> on the <code>img</code>
   element (this happens after <code
   title="dom-img-complete">complete</code> starts returning true). If
-  the download fails or it completes but the image is not a valid or
-  supported image, the user agent must <span>fire an <code
-  title="event-error">error</code> event</span> on the
-  <code>img</code> element.</p>
+  the download fails without a response from the remote server, or it
+  completes but the image is not a valid or supported image, the user
+  agent must <span>fire an <code title="event-error">error</code>
+  event</span> on the <code>img</code> element.</p>
 
-  <p>The remote server's response metadata (e.g. an HTTP 404 status
-  code, or <span title="Content-Type">associated Content-Type
-  headers</span>) must be ignored when determining whether the
-  resource obtained is a valid image or not.</p>
+  <p>Whether the image is fetched successfully or not (e.g. whether
+  the response code was a 2xx code or equivalent) must be ignored when
+  determining the image's type and whether it is a valid image.</p>
 
   <p class="note">This allows servers to return images with error
-  responses.</p>
+  responses, and have them displayed.</p>
 
+  <p>The user agents should apply the <span title="Content-Type
+  sniffing: image">image sniffing rules</span> to determine the type
+  of the image, with the image's <span title="Content-Type">associated
+  Content-Type headers</span> giving the <var title="">official
+  type</var>.</p>
+
   <p>User agents must not support non-image resources with the
   <code>img</code> element. User agents must not run executable code
   (e.g. scripts) embedded in the image resource.</p>
@@ -14266,9 +14268,10 @@
 
   </ol>
 
-  <p>Whether the resource is fetched successfully or not must be
-  ignored when determining the resource's type and when handing the
-  resource to the plugin.</p>
+  <p>Whether the resource is fetched successfully or not (e.g. whether
+  the response code was a 2xx code or equivalent) must be ignored when
+  determining the resource's type and when handing the resource to the
+  plugin.</p>
 
   <p class="note">This allows servers to return data for plugins even
   with error responses (e.g. HTTP 500 Internal Server Error codes can




More information about the Commit-Watchers mailing list