Re: double-extensions in apache?

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MJoseph Sinclair at <-
MJoseph Sinclair at ->
Attachments:
Message as email
+ (text/plain)
Delete this message
Reply to this message
Author: Eric Shubert
Date:  
To: plug-discuss
Subject: Re: double-extensions in apache?
On 03/20/2011 01:11 AM, Joseph Sinclair wrote:
>
> There are tools to check your site and ensure everything is clean with extensions, metadata, etc... Those should be used by everyone developing a website.
> There are also settings to disable content-type-determination on uploads, and those should ALWAYS be enabled.

I'd like to be clear about this. Do you mean to say that the setting to
disable content-type-determination should be enabled (which appears to
be what you said), or that the content-type-determination setting should
be enabled?

> It's OK to guess the content type of a file in the filesystem, but an HTTP PUT request is supposed to *tell* you the mime type, and if it doesn't then the sender simply cannot be trusted to put content to your site.
>
> Just my thoughts on the matter.
>
> ==Joseph++
>

--
-Eric 'shubes'

---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

This message was posted to the following mailing lists:
Plug Discuss
Mailing List Info | Nearby Messages		<-Re: sshd - Setting your ports at 2222 or another port above 1024ABLEconf mtg tonight->
Some Mailing List Archive administrated by UnconfiguredLurker (version 2.3)