tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Migrating to tomcat 6 gives formatted currency amounts problem
Date Fri, 12 Sep 2008 18:35:39 GMT
Christopher Schultz wrote:

> Yes, they do. MS, contrary to W3 specifications, sniffs the content of a
> page and chooses the encoding and ignores any server-specified encoding.
> It also does this with MIME types. (Sorry, can't find the reference
> right now).

Here is a start, sympathetic to Microsoft :

And here is another relevant MS technical document (not for the faint of 
heart) :

On the other hand, the HTTP 1.1 RFC section 7.2.1
says :
Any HTTP/1.1 message containing an entity-body SHOULD include a 
Content-Type header field defining the media type of that body. If and 
only if the media type is not given by a Content-Type field, the 
recipient MAY attempt to guess the media type via inspection of its 
content and/or the name extension(s) of the URI used to identify the 
resource. If the media type remains unknown, the recipient SHOULD treat 
it as type "application/octet-stream".
(notice the "*if and only if* the media type is not given..")

In other words, IE's content sniffing is in clear violation of the HTTP 
1.1 RFC, 99% of the time.

On the other hand, I once read a justification by one of the Microsoft 
developers (as I recall that one was related to their implementation of 
DAV, or "Web Folders"), which essentiually said this : there are 
hundreds of millions of Windows (and IE) users, and most of them are 
*not* developers. So, although we are ourselves developers and we would 
very much like to adhere to the standards, our marketing people just 
won't let us, if it risks inconveniencing several hundred million 
average Windows users (and Microsoft customers), just to please the tiny 
minority of several hundred thousand developers.

I think it's an argument, even a relatively democratic one ...

I also personally believe that if the Microsoft developers had not 
started down the path a long time ago to believe that they could be 
smarter than everyone else and could outguess webservers, and instead 
had respected the HTTP RFC and just been more careful about which 
documents IE opens (or worse, runs), they would have saved Microsoft and 
the world countless bugs, countless viri and countless unproductive 
hours of web-developer's forced work-arounds.

What I do not however understand is, considering the flak that each IE 
bug or security advisory generates, why MS have never decided to create 
and market another parallel browser (or maybe just one checkbox in the 
regular IE), that would make it RFC-compliant.  This way users could 
just choose to either use a browser that is RFC-compliant and boring and 
safe(r), or else enjoy all the gimmicks but risk the consequences.
But hey, I also do not know in how many viri-scanning companies MS owns 

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message