Content Types in browsers, can we use the Mime??
Posted
by SoLoGHoST
on Stack Overflow
See other posts from Stack Overflow
or by SoLoGHoST
Published on 2010-05-15T13:42:44Z
Indexed on
2010/05/15
13:44 UTC
Read the original article
Hit count: 190
mimetypes
|content-type
Ok, I am wondering which mime types are dangerous in browsers? That is to say setting the Content Type to that mime type?? Which mime types, if any would pose a security risk??
I am noticing that many forum software, when uploading files, use the application/octet-stream for any files other than images and place that into the Content Type of the header. I am wondering why don't they place the actual mime-type instead into the Content Type? Are there security risks involved with this? So far I have used text/css, text/plain, audio/mpeg, and many others and haven't noticed any difference between application/octet-stream and these others.
Does anyone out there know the exact difference, and what makes application/octet-stream any better, or any worse...to use for the Content Type??
Thank You :)
© Stack Overflow or respective owner