MIME Sniffing Standard
E48503
The MIME Sniffing Standard is a web specification that defines how browsers should determine the media type of resources to improve interoperability and security on the web.
Statements (48)
| Predicate | Object |
|---|---|
| instanceOf | WHATWG Living Standard; technical specification; web standard |
| aimsTo | improve interoperability between web browsers; improve security on the web; provide consistent MIME sniffing behavior across user agents; reduce content-type confusion attacks; reduce cross-site scripting risks caused by incorrect MIME types |
| appliesTo | HTTP clients that implement MIME sniffing; user agents; web browsers |
| defines | algorithms for determining the media type of resources; rules for MIME type sniffing in web browsers; sniffing behavior for audio and video; sniffing behavior for content loaded via other schemes such as data URLs; sniffing behavior for content served over HTTP; sniffing behavior for content with incorrect MIME types; sniffing behavior for content with missing MIME types; sniffing behavior for images; sniffing behavior for text and binary resources; sniffing behavior for unknown or ambiguous content types |
| documentationURL | https://mimesniff.spec.whatwg.org/ |
| field | internet protocols; web security; web technology |
| hasGoal | align browser behavior with security best practices; document de facto browser sniffing behavior; provide a normative reference for implementers |
| influences | server configuration for Content-Type headers; web application security practices |
| maintainer | WHATWG |
| publisher | WHATWG |
| relatedTo | Content-Type sniffing security guidelines; Fetch Standard; HTML Living Standard; HTTP Content-Type header; IANA media type registry; MIME types |
| specifies | byte pattern matching for type detection; conditions under which sniffing may be performed; conditions under which sniffing must be disabled; heuristics for distinguishing text from binary data; interaction with HTTP response headers; interaction with X-Content-Type-Options header; sniffing rules for legacy content |
| status | living standard |
| usedBy | browser engines; major web browsers |
Referenced by (2)
Full triples — surface form annotated when it differs from this entity's canonical label.