Consider explicitly handling "application/dash+xml" MIME type #20
Comments
|
(I think that currently [without the proposed changes] the ORB algorithm would block "application/dash+xml" responses in the final step, because earlier steps would decide that the response doesn't sniff as video and doesn't sniff as JavaScript.) |
|
Yeah that seems reasonable. (See also whatwg/fetch#886.) Are there web-platform-tests for this? |
anforowicz
added a commit
to anforowicz/orb
that referenced
this issue
Feb 25, 2021
annevk
added a commit
that referenced
this issue
Oct 4, 2021
These MIME types cannot be fetched without CORS. Closes #20 and closes #23. Follow-up: whatwg/html#6468.
annevk
added a commit
that referenced
this issue
Oct 5, 2021
These MIME types cannot be fetched without CORS. Closes #20 and closes #23. Follow-up: whatwg/html#6468.
|
Do we need to keep this open now that we have #29? |
|
You're right - it's probably best to just keep track this in #29 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Should we explicitly add "application/dash+xml" to the definition of "an opaque-safelisted MIME type"?
Based on the docs for DASH Adaptive Streaming, it seems that this MIME type may be directly used in video tags. CORB had to start explicitly recognizing this MIME type in https://crbug.com/947498.
FWIW, I see that https://mimesniff.spec.whatwg.org/#audio-or-video-mime-type 1) doesn't list "application/dash+xml" and 2) also lists "application/ogg" (but this one should be covered by ORB's reference to the audio/video sniffing)
The text was updated successfully, but these errors were encountered: