[whatwg] [mimesniff] Treating application/octet-stream as unknown for sniffing

Michal Zalewski lcamtuf at coredump.cx
Wed Nov 28 22:42:29 PST 2012


There are substantial negative security consequences to sniffing
content on MIME types that are commonly used as default fallback
values by web servers or web application developers. This includes
text/plain and application/octet-stream.

/mz



More information about the whatwg mailing list