Ignore:
Timestamp:
17/03/11 16:34:09 (11 years ago)
Author:
julian.reschke@…
Message:

Strengthen file extension handling requirement

File:
1 edited

Legend:

Unmodified
Added
Removed
  • draft-ietf-httpbis-content-disp/latest/draft-ietf-httpbis-content-disp.xml

    r1201 r1202  
    266266      extensions instead. Trusting the server-provided file extension could
    267267      introduce a privilege escalation when the saved file is later opened
    268       (consider ".exe"). Thus, recipients &SHOULD; ensure that a file extension
     268      (consider ".exe"). Thus, recipients which make use of file extensions
     269      to determine the media type &MUST; ensure that a file extension
    269270      is used that is safe, optimally matching the media type of the received
    270271      payload.
     
    10931094  Various editorial improvements.
    10941095  Add US-ASCII reference.
     1096  Strengthen file extension handling requirement to MUST for those recipients
     1097  that actually use file extensions to map media types.
    10951098</t>
    10961099</section>
Note: See TracChangeset for help on using the changeset viewer.