Comment 7 for bug 34758
Revision history for this message
| Stuart Bishop (stub) wrote Re: librarian will set type to text/html though it should be text/plain | #7 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
We trust the mime type sent by the browser. So at the moment it is garbage in, garbage out.
If it is only a case of text/plain being sent as text/html, can we special case this in the Librarian? I can't think of a use case where we *want* to store HTML in the Librarian and have it served up as HTML. So we can make the Librarian serve HTML mime types as text/plain or better yet store them in the database as text/plain on upload. I think we need to do this one day anyway, as if the Librarian starts doing authentication it will become a source of attacks.