Content Sniff

From CSS Discuss

Jump to: navigation, search

File extensions are not a reliable determinant of content, as there has been no central registry of file formats which map to file extensions. This would leave User Agent guessing about how to handle any given content on the web. (Is it HTML? Is it Foo-bar? Is it Waka-bing?)

The Mime Type solves this problem, by requiring registration of a given Mime Type for a given file format.

Unfortunately, as new MIME Types evolve, servers lag behind in correct configuration, and browsers may be incapable of recognizing the new MIME Types, though they are, in fact, capable of rendering the content described by the MIME Type (or, at least, they can hand off to an application which is capable).

Internet Explorer addresses this problem by performing a Content Sniff , as described in MIME Type Detection in Internet Explorer.

However, such sniffing is incorrect and dangerous according to the W3C TAG, because content sniffing is akin to guessing, and it opens the door for mishandled content, security flaws, and so on.

When a new Mime Type is served, it should be registered with the server serving it. When a User Agent encounters a Mime Type it doesn't understand, it should not guess what it is, but either ignore the content, or provide visibility to the issue.

All of this is pertinent to the CSS author, because of the issue with Mozilla Css Mime Type.

Personal tools