Re: MIME sniffing

Julian Reschke <julian.reschke@gmx.de> Wed, 02 December 2020 12:24 UTC

Subject: Re: MIME sniffing
To: ietf@ietf.org
From: Julian Reschke <julian.reschke@gmx.de>
Message-ID: <7e48ca6a-eae9-252b-f79b-f9b5ea57cf2a@gmx.de>
Date: Wed, 02 Dec 2020 13:24:29 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf/wl2OG87LK9A3346rxHzrOPZsyvY>
List-Id: IETF-Discussion <ietf.ietf.org>

On 02.12.2020 at 12:42, Keith Moore wrote:
> On 12/2/20 12:00 AM, Phillip Hallam-Baker wrote:
>
>> The biggest mistake in the Web protocols was accepting the dictum of
>> being permissive in what is accepted. Horrors like MIME sniffing might
>> have been avoided if enough browsers had insisted on literal
>> interpretation of content type.
>
> The fundamental problem there is that the server doesn't have a reliable
> way of knowing the content-type. The server can't reliably tell it

In which case it shouldn't send any. Unfortunately, some servers did in
the past, and clients worked around that.

> ...

Best regards, Julian
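
Added example, not part of the original message: a small Python model of the two server behaviours discussed above (label everything with a guessed default, or send no Content-Type when the type is unknown), paired with a client that takes the label literally and one that sniffs. All function names, the extension map and the sample bytes are constructed for illustration.

```python
import os

# Constructed extension map and sample payloads for this example.
KNOWN_TYPES = {".html": "text/html", ".png": "image/png", ".txt": "text/plain"}
PNG_BYTES = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16   # PNG signature plus padding
TEXT_BYTES = b"plain notes, nothing else\n"

def guessing_server(name):
    """Always sends a label; anything unrecognised gets a blanket default."""
    ext = os.path.splitext(name)[1].lower()
    return {"Content-Type": KNOWN_TYPES.get(ext, "text/plain")}

def honest_server(name):
    """Sends a label only when it has one; otherwise no Content-Type at all."""
    ext = os.path.splitext(name)[1].lower()
    return {"Content-Type": KNOWN_TYPES[ext]} if ext in KNOWN_TYPES else {}

def literal_client(headers, body):
    """Takes the label at face value; unlabelled data is opaque bytes."""
    return headers.get("Content-Type", "application/octet-stream")

def sniffing_client(headers, body):
    """The workaround: distrust text/plain and unlabelled data, inspect the body."""
    label = headers.get("Content-Type")
    if label not in (None, "text/plain"):
        return label
    if body.startswith(b"\x89PNG\r\n\x1a\n"):
        return "image/png"
    # Control bytes other than tab/LF/VT/FF/CR are treated as a sign of binary data.
    binary = any(b < 0x09 or 0x0D < b < 0x20 for b in body[:512])
    return "application/octet-stream" if binary else "text/plain"

def outcomes(name, body):
    """Effective media type for each server/client pairing."""
    return {
        (s.__name__, c.__name__): c(s(name), body)
        for s in (guessing_server, honest_server)
        for c in (literal_client, sniffing_client)
    }

if __name__ == "__main__":
    for sample in (("scan_0001", PNG_BYTES), ("notes", TEXT_BYTES)):
        for pairing, media_type in outcomes(*sample).items():
            print(sample[0], pairing, media_type)
```

With the guessing server, the literal client treats the extensionless PNG as text, while with the honest server the missing header tells it the type is unknown. Once a client sniffs `text/plain`, it can no longer tell a deliberate label from a guessed default.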