Using Bugzilla to hide spam sites
byron at glob.com.au
Thu May 17 00:44:18 UTC 2007
> "Note: In Internet Explorer 6 for Microsoft Windows XP Service Pack 2
> (SP2), the MIME type "text/plain" is not ambiguous, and is never
> rendered as HTML in the restricted zone, even if the content suggests
> that this is the correct format."
> So, given that all IE users should be using the latest version and it's
> their own fault if they aren't, I suggest the following algorithm.
the key part of that quote is "in the restricted zone". internet sites
are not in this zone by default.
as part of the xsp2 beta microsoft experimented with disabling mime type
sniffing, however they ended up reenabling it due to the number of
broken sites. it's now a security setting:
Miscellaneous --> Open files based on content, not file extension
this option is enabled by default on the internet zone, so we can't rely
on it being enabled.
begin-base64 644 signature.gif
More information about the developers