Using Bugzilla to hide spam sites
Damien Miller
djm at mindrot.org
Mon May 14 22:47:33 UTC 2007
On Mon, 14 May 2007, Max Kanat-Alexander wrote:
> On Mon, 14 May 2007 22:20:43 +0100 Gervase Markham <gerv at mozilla.org>
> wrote:
> > Pondering more, I think the Content-Type restriction I suggested
> > might well fix this in the lowest profile way possible. After all,
> > anyone with editbugs (such as a triager) could switch the Content
> > Type to the "right" one, and we'd accept that change.
>
> Oh, I see. So they can still attach the thing, it just shows
> up as text/plain until they set it otherwise.
It isn't so simple: IE will "sniff" the content type and treat even
document served as text/plain as HTML if it sees a HTML-like code in the
first few hundred bytes.
-d
More information about the developers
mailing list