Content Types in browsers, can we use the Mime??

Posted by SoLoGHoST on Stack Overflow See other posts from Stack Overflow or by SoLoGHoST
Published on 2010-05-15T13:42:44Z Indexed on 2010/05/15 13:44 UTC
Read the original article Hit count: 190

Filed under:
|

Ok, I am wondering which mime types are dangerous in browsers? That is to say setting the Content Type to that mime type?? Which mime types, if any would pose a security risk??

I am noticing that many forum software, when uploading files, use the application/octet-stream for any files other than images and place that into the Content Type of the header. I am wondering why don't they place the actual mime-type instead into the Content Type? Are there security risks involved with this? So far I have used text/css, text/plain, audio/mpeg, and many others and haven't noticed any difference between application/octet-stream and these others.

Does anyone out there know the exact difference, and what makes application/octet-stream any better, or any worse...to use for the Content Type??

Thank You :)

© Stack Overflow or respective owner

Related posts about mimetypes

Related posts about content-type