Content Types in browsers, can we use the Mime??
- by SoLoGHoST
Ok, I am wondering which mime types are dangerous in browsers? That is to say setting the Content Type to that mime type?? Which mime types, if any would pose a security risk??
I am noticing that many forum software, when uploading files, use the application/octet-stream for any files other than images and place that into the Content Type of the header. I am wondering why don't they place the actual mime-type instead into the Content Type? Are there security risks involved with this? So far I have used text/css, text/plain, audio/mpeg, and many others and haven't noticed any difference between application/octet-stream and these others.
Does anyone out there know the exact difference, and what makes application/octet-stream any better, or any worse...to use for the Content Type??
Thank You :)