* WGs marked with an * asterisk has had at least one new draft made available during the last 5 days

Ticket #155: i155.diff

File i155.diff, 2.0 KB (added by julian.reschke@gmx.de, 5 years ago)

Proposed extended text for P3 Section 3.2.1

  • p3-payload.xml

     
    793793   Content-Type specifies the media type of the underlying data. Any HTTP/1.1 
    794794   message containing an entity-body &SHOULD; include a Content-Type header 
    795795   field defining the media type of that body, unless that information is 
    796    unknown.  If the Content-Type header field is not present, it indicates that 
     796   unknown. 
     797</t> 
     798<t>    
     799   If the Content-Type header field is not present, it indicates that 
    797800   the sender does not know the media type of the data; recipients &MAY; 
    798801   either assume that it is "application/octet-stream" (<xref target="RFC2046" x:fmt="," x:sec="4.5.1"/>) 
    799802   or examine the content to determine its type. 
    800803</t> 
    801804<t> 
     805   In practice, currently-deployed servers sometime provide a Content-Type 
     806   header which does not correctly convey the intended interpretation of the 
     807   content sent, with the result that some clients will examine the response 
     808   body's content and override the specified type. 
     809</t> 
     810<t> 
     811   Client that do so risk drawing incorrect conclusions, which may expose 
     812   additional security risks (e.g., "privilege escalation"). Implementers are 
     813   encouraged to provide a means of disabling such "content sniffing" when it 
     814   is used. 
     815</t> 
     816<t> 
    802817   Content-Encoding may be used to indicate any additional content 
    803818   codings applied to the data, usually for the purpose of data 
    804819   compression, that are a property of the requested resource.  There is 
     
    31453160      "IANA registry for content/transfer encodings" 
    31463161    </t> 
    31473162    <t> 
     3163      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/155"/>: 
     3164      "Content Sniffing" 
     3165    </t> 
     3166    <t> 
    31483167      <eref target="http://tools.ietf.org/wg/httpbis/trac/ticket/200"/>: 
    31493168      "use of term "word" when talking about header structure" 
    31503169    </t>