[whatwg] "Content-Disposition" property for <a> tags

Dennis Joachimsthaler dennis at efjot.de
Thu May 26 14:51:43 PDT 2011

Am 26.05.2011, 22:58 Uhr, schrieb Julian Reschke <julian.reschke at gmx.de>:

> On 2011-05-26 22:54, Dennis Joachimsthaler wrote:
>> Am 26.05.2011, 22:53 Uhr, schrieb Boris Zbarsky <bzbarsky at mit.edu>:
>>> Probably no one, to a first approximation, but we were specifically
>>> talking about non-Windows systems. On Windows, as I said, Gecko forces
>>> extensions to match content types, to avoid this sort of issue in
>>> general.
>> Yep, yep... If browsers implement the filename (+ extension) name  
>> changing
>> we should make it a MUST to implement security...
>> ...
> Like  
> <http://greenbytes.de/tech/webdav/draft-ietf-httpbis-content-disp-latest.html#rfc.section.4.3>?
> Best regards, Julian

Ah, that sort of security is a SHOULD here, already.

We should just copy this over, it looks good.

Browsers should just use the same behaviour when encountering the function  
a HTML attribute.

I forsee a great future :-)

- Dennis Joachimsthaler

More information about the whatwg mailing list