-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 12/3/2010 4:07 PM, Robert Collins wrote: > application/octet-stream is unsafe. > > -Rob
We already have a way to get that, though. The 'download' urls do that. Or are they somehow already protected against XSS, and new stuff wouldn't be?
John =:->
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkz5arEACgkQJdeBCYSNAAOb7gCdH5Il4yjztErqf5GxdNVa7GvU w5IAoJoQ/Y621aXMNFBRheD2fucpC/lE =SKtw -----END PGP SIGNATURE-----
« Back to merge proposal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 12/3/2010 4:07 PM, Robert Collins wrote: octet-stream is unsafe.
> application/
>
> -Rob
We already have a way to get that, though. The 'download' urls do that.
Or are they somehow already protected against XSS, and new stuff
wouldn't be?
John
=:->
-----BEGIN PGP SIGNATURE----- enigmail. mozdev. org/
5arEACgkQJdeBCY SNAAOb7gCdH5Il4 yjztErqf5GxdNVa 7GvU Y621aXMNFBRheD2 fucpC/lE
Version: GnuPG v1.4.9 (Cygwin)
Comment: Using GnuPG with Mozilla - http://
iEYEARECAAYFAkz
w5IAoJoQ/
=SKtw
-----END PGP SIGNATURE-----