Re: [HASMAT] Parsing Content-Type
Julian Reschke <julian.reschke@gmx.de> Tue, 13 July 2010 16:53 UTC
Return-Path: <julian.reschke@gmx.de>
X-Original-To: hasmat@core3.amsl.com
Delivered-To: hasmat@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D23B83A6820 for <hasmat@core3.amsl.com>; Tue, 13 Jul 2010 09:53:11 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.383
X-Spam-Level:
X-Spam-Status: No, score=-3.383 tagged_above=-999 required=5 tests=[AWL=-2.644, BAYES_20=-0.74, WEIRD_PORT=0.001]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 98DZmeYYqTbZ for <hasmat@core3.amsl.com>; Tue, 13 Jul 2010 09:53:11 -0700 (PDT)
Received: from mail.gmx.net (mailout-de.gmx.net [213.165.64.23]) by core3.amsl.com (Postfix) with SMTP id A41B63A680D for <hasmat@ietf.org>; Tue, 13 Jul 2010 09:53:10 -0700 (PDT)
Received: (qmail invoked by alias); 13 Jul 2010 16:53:18 -0000
Received: from p508FE44B.dip.t-dialin.net (EHLO [192.168.178.33]) [80.143.228.75] by mail.gmx.net (mp017) with SMTP; 13 Jul 2010 18:53:18 +0200
X-Authenticated: #1915285
X-Provags-ID: V01U2FsdGVkX1/5W9BSdZD5P/GZu+Eg8RauyJrB61fUmKNJhmwNoO pEZk1P+twVYrTN
Message-ID: <4C3C99F8.2040405@gmx.de>
Date: Tue, 13 Jul 2010 18:53:12 +0200
From: Julian Reschke <julian.reschke@gmx.de>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.10) Gecko/20100512 Lightning/1.0b1 Thunderbird/3.0.5
MIME-Version: 1.0
To: Adam Barth <ietf@adambarth.com>
References: <op.vfr1o4on64w2qv@annevk-t60> <4C3C4831.5000007@gmx.de> <AANLkTilTSZHIdCxQ8Ip_c7aRHNYYQSghsRaPYFY9_VNM@mail.gmail.com> <4C3C93A5.30903@gmx.de> <AANLkTimwoQ4OQ_v8TYv8-PY0XIFD7ff71lo2ZXLPDXGf@mail.gmail.com>
In-Reply-To: <AANLkTimwoQ4OQ_v8TYv8-PY0XIFD7ff71lo2ZXLPDXGf@mail.gmail.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Y-GMX-Trusted: 0
Cc: hasmat@ietf.org
Subject: Re: [HASMAT] Parsing Content-Type
X-BeenThere: hasmat@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: HTTP Application Security Minus Authentication and Transport <hasmat.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hasmat>, <mailto:hasmat-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hasmat>
List-Post: <mailto:hasmat@ietf.org>
List-Help: <mailto:hasmat-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hasmat>, <mailto:hasmat-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 Jul 2010 16:53:11 -0000
On 13.07.2010 18:40, Adam Barth wrote: > On Tue, Jul 13, 2010 at 9:26 AM, Julian Reschke<julian.reschke@gmx.de> wrote: >> On 13.07.2010 18:10, Adam Barth wrote: >>>> Speaking of which: why would the fallback be "text/plain"? >>> >>> It depends on how the UA treats text/potato. It would not be >>> unreasonable to treat text/potato similarly to text/plain, depending >>> on the UA's purpose. >> >> Hm, no. Imho. >> >> "text/html;" is a parse error according to the ABNF. >> >> So the likely outcomes seem to be: >> >> 1) Treated as missing parameter, thus as "tex/html", or > > I don't understand where "tex/html" comes from in this discussion. It's a typo; I meant to say "text/html". >> 2) Treated as invalid header value, thus same as absent content-type header. >> >> In case 2 I wouldn't expect a default text handling. > > Testing makes perfect: > > $ cat testcase > HTTP/1.0 200 OK > Date: Tue, 13 Jul 2010 16:28:45 GMT > Expires: -1 > Content-Type: text/html; > > Potato > <b>Grass</b> > $ nc -l 9191< testcase > > Loading<http://localhost:9191/dd> in Firefox, Chrome, Safari, and > Opera causes the text "Grass" to be rendered bold, which means the > response is being treated as HTML. Based on other information, we Same for IE8. > know that this is not a result of the sniffing algorithm but rather a > result of the Content-Type header parser. Indeed. So what appears to happen is what I tried and failed to explain as option 1). > It's a separate question of whether we should specify this behavior in > this document, in another document, or not at all. It's also a > separate question of what we would like to imagine is going on > internally to generate the observable behavior. Indeed. Best regards, Julian
- [HASMAT] Parsing Content-Type Anne van Kesteren
- Re: [HASMAT] Parsing Content-Type Julian Reschke
- Re: [HASMAT] Parsing Content-Type Adam Barth
- Re: [HASMAT] Parsing Content-Type Julian Reschke
- Re: [HASMAT] Parsing Content-Type Adam Barth
- Re: [HASMAT] Parsing Content-Type Julian Reschke