net/http: discrepancies in the MIME Sniffing Spec and the implementation #30570
Labels
FrozenDueToAge
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
What version of Go are you using (
go version
)?While reading the MIME Sniffing Spec and the corresponding implementation in the
net/http
package insniff.go
, I found few discrepancies between the two. As, I do not know whether these diffs are intentional or not (though I am curious to know), I thought it best to share my findings so that a conscious decision can be taken.Here are few suggestions for updating the current implementation in accordance with the spec:
Using pattern rather than mask for assertion and iteration in the Pattern Matching Algorithm.
Currently, we are using
m.mask
instead ofm.pat
at both the places.The reason this substitution works is because their lengths are the equal (implicit) in all the currently support MIME signatures, and the logical AND operation:
a & b = c
=>
a & c = b
.Refer:
go/src/net/http/sniff.go
Lines 185 to 194 in d188767
Rename
image/vnd.microsoft.icon
toimage/x-icon
and add another signature for the same.We are using the same signature for
image/vnd.microsoft.icon
instead ofimage/x-icon
. This could be a possible bug or a decision that should be documented as a divergence from the spec.Refer:
go/src/net/http/sniff.go
Line 93 in d188767
Using named strings instead of hexadecimal representation in
application/zip
andapplication/x-rar-compressed
.Reading the source code, I experienced that using human-readable string definition of the signatures is an implicit convention over the mechanistic byte pattern sequences (as it should be!). These are a couple of places which can be changed with the sole purpose of maintaining consistency and improving visual aesthetics.
Refer:
go/src/net/http/sniff.go
Lines 146 to 147 in d188767
Reordering the
sniffSignatures
according to the section Identifying a resource with an unknown MIME type.In the current implementation, the signatures are almost sorted according to the spec, with a few exceptions. For example, matching
video/webm
beforevideo/mp4
.The text was updated successfully, but these errors were encountered: