You are reading a single comment by @gbj_tester and its replies. Click here to read the full conversation.
  • The correct mimetype should be sent regardless of the file extension.

    Jpgs are also auto converted to webp for clients that support webp, and yet this is done without a redirect so the file extension remains intact.

    We also don't trust that something that calls itself a jpg is an image. So regardless of file extension, we want to make sure an exe isn't uploaded containing malware, so every image is inspected, and during that we may adjust the mimetype.

  • The correct mimetype should be sent regardless of the file extension.

    Yes, I get that lfgss.com and his browser are not thrown by the funny extension, but it looks like his phone's image viewing app failed to spot it.

About

Avatar for gbj_tester @gbj_tester started