Full Disclosure mailing list archives

Safari/WebCore Content Sniffing


From: fukami <sec () base-industries net>
Date: Sat, 21 Aug 2004 17:44:34 +0200

Hi!

Not 100% sure if this is a topic for fd so far.
So, please, put your flamethrower aside if it's not.

A couple of days ago I recognized that Safari (and
other apps using WebCore on MacOS X) do something known
as "content sniffing". That means, if Safari gets a file
with Content-Type "plain/text" it looks into it, and if
the file contains a single(!) HTML or JavaScript tag,
Safari treats that file as HTML.

There seems to be no way of changing that stupid behavior
in Safari/WebCore, and I was shocked when I read the
following comment regarding Safari RSS in the upcoming
Tiger release [1] (found in Mark Pilgrim's weblog [3],
who also seems concerned):

    Also, there is a bit of code way down in WebCore
    that sniffs the incoming page and, when it detects
    the start of an XML document that contains RSS or
    Atom, it auto-corrects the MIME type to
    application/xml+rss or application/xml+atom.

The W3C page "Internet Media Type registration, consistency
of use" [2] reads:

    An example of incorrect and dangerous behavior is a
    user-agent that reads some part of the body of a
    response and decides to treat it as HTML based on its
    containing a <!DOCTYPE declaration or <title> tag, when
    it was served as text/plain or some other non-HTML type.

All other browsers I tested so far have the right behavior
and treat plain text files as plain text files.


   fukami

[1] http://inessential.com/?comments=1&postid=2885
[2] http://www.w3.org/2001/tag/2002/0129-mime#consistency
[3] http://diveintomark.org/archives/2004/08/13/safari-content-sniffing

--
A Discordian Shall Always use the Official Discordian Document
Numbering System.
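
The difference between a user agent that honours the declared type and one that sniffs, as an added example that is not part of the original post and is not WebCore's code. It is a simplified model of the behaviour the post describes; the regular expressions, function names and sample responses are assumptions constructed for illustration. A site operator can use the same comparison to find text/plain responses that a sniffing client would reinterpret.

```javascript
// Simplified model only: the patterns below are illustrative assumptions,
// not the heuristics any real browser engine uses.
const TAG_PATTERN = /<\s*(!doctype|html|head|body|title|script|b|p|div)\b/i;
const FEED_PATTERN = /^\s*<\?xml[^>]*\?>\s*<\s*(rss|feed)\b/i;

// Extract the media type from a Content-Type header, dropping parameters.
function mediaType(contentTypeHeader) {
  return contentTypeHeader.split(";")[0].trim().toLowerCase();
}

// User agent that trusts the server: the body is never inspected.
function strictType(contentTypeHeader) {
  return mediaType(contentTypeHeader);
}

// User agent that sniffs: a feed prologue or a single tag overrides the header.
function sniffedType(contentTypeHeader, body) {
  const declared = mediaType(contentTypeHeader);
  const feed = FEED_PATTERN.exec(body);
  if (feed) {
    return feed[1].toLowerCase() === "rss"
      ? "application/xml+rss"
      : "application/xml+atom";
  }
  if (declared !== "text/html" && TAG_PATTERN.test(body)) return "text/html";
  return declared;
}

// Report every response whose effective type differs between the two models.
function auditResponses(responses) {
  return responses
    .map((r) => ({
      url: r.url,
      declared: strictType(r.contentType),
      sniffed: sniffedType(r.contentType, r.body),
    }))
    .filter((r) => r.declared !== r.sniffed);
}

// Constructed sample responses (hypothetical URLs and bodies).
const SAMPLES = [
  { url: "/notes.txt", contentType: "text/plain; charset=utf-8", body: "2 < 3, nothing else" },
  { url: "/paste/1", contentType: "text/plain", body: "log line\n<title>hi</title>\n" },
  { url: "/feed.txt", contentType: "text/plain", body: '<?xml version="1.0"?>\n<rss version="2.0"></rss>' },
  { url: "/index.html", contentType: "text/html", body: "<html><title>x</title></html>" },
];

console.log(auditResponses(SAMPLES));
```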
