[whatwg] Style sheet loading and parsing (over HTTP)
Henri Sivonen
hsivonen at iki.fi
Fri May 25 04:25:53 PDT 2007
On May 25, 2007, at 12:43, Gervase Markham wrote:
> Although I also mention my story as a general counterpoint to the
> "Well, obviously the browser should Do The Right Thing if the
> Content-Type is wrong" viewpoint. Content sniffing can have
> security consequences.
Aren't the security consequences mitigated if both Bugzilla and
browsers implement the sniffing as specified in HTML 5? That seems to
be the intent of speccing the sniffing.
It seems to me that the safer way to show plain text in a browser
content area is to use text/html and <plaintext>. :-/
--
Henri Sivonen
hsivonen at iki.fi
http://hsivonen.iki.fi/
More information about the whatwg
mailing list