Style

commit 1002e6190222d2ce5c312b06425439bab848db5b 1 parent 5e95e2c
Adam Barth authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  drafts/sniff.html
2  drafts/sniff.html
@@ -114,7 +114,7 @@ <h2 id=introduction><span class=secno>1 </span>Introduction</h2>
user-generated content would not be interpreted as a high-privilege media type,
such as text/html. However, if a User Agent does interpret a low-privilege
media type, such as image/gif, as a high-privilege media type, such as
-text/html, the User Agent has created a privilege escalation vulnerability in
+text/html, then the User Agent has created a privilege escalation vulnerability in
the server. For example, a malicious user might be able to leverage content
sniffing to mount a cross-site script attack by including JavaScript code in
the uploaded file that a User Agent treats as text/html.
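Review bot: the added line "text/html, then the User Agent has created a privilege escalation vulnerability in" is now 82 characters long, while the other lines of this paragraph stay within 79. Move the trailing "in" down to the next line, or rewrap the sentence, so that a commit titled "Style" does not leave an overlong source line. The unchanged context a few lines below says "cross-site script attack"; if "cross-site scripting" is the intended term, it could be corrected in the same pass.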