views:

138

answers:

2

I developed a web app that responds with data in the format as specified by the client in the HTTP Accept Headers. Everything worked fine while using Firefox, but when I wanted to check my CSS / HTML on Chrome and IE, both of them wanted to download the index page, as if it's an unknown content type.

After some research I found this article, which states that IE sends out a lot of crud in it's HTTP Accept headers, amongst others a list of image/* content types right at the start.

This caused my web app to try to send the index page as an image/jpeg.

So how do I know when to ignore and when to use the Accept Headers?

A: 

I would simply keep a blacklist of programs that send obviously broken Accept headers, like IE and Safari (according to the article). If the User-Agent header matches the blacklist, ignore the Accept header, otherwise don't.

The problem with IEs Accept header is not that it puts image/* at the start, but that it doesn't indicate that it prefers HTML or XHTML over images (via the q parameter). AFAIK, the order of the elements in the Accept header is not significant.

trendels
Whitelist: Yea, true, the only problem is that User-Agent headers are sometimes untrustworthy, so I try to stay away from them.Order of elements: The parser I use assumes that if no preference is given, the first takes precedence.
Jrgns
+1  A: 

The best thing to do is likely to apply your own server-side weight if there are types with the same weight in the accept header. Thus if you have text/html and image/* both with the same q-value (or none) you could give text/html preference by default.

Jan Algermissen
I wanted to implement this now, and realised (again) that the problem is that IE doesn't send text/html as a MIME type, just a lot of cruft and */*. So even if I weigh text/html more than image/*, it will still pick image/*, as there is not text/html.
Jrgns
What exactly does your IE send?
Jan Algermissen
Check this link. I also mention it in the question:http://www.gethifi.com/blog/browser-rest-http-accept-headers
Jrgns