This article needs additional citations for verification. Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. Find sources: "Content sniffing" – news · newspapers · books · scholar · JSTOR(January 2024) (Learn how and when to remove this message)
Content sniffing, also known as media type sniffing or MIME sniffing, is the practice of inspecting the content of a byte stream to attempt to deduce the file format of the data within it. Content sniffing is generally used to compensate for a lack of accurate metadata that would otherwise be required to enable the file to be interpreted correctly. Content sniffing techniques tend to use a mixture of techniques that rely on the redundancy found in most file formats: looking for file signatures and magic numbers, and heuristics including searching for well-known representative substrings, the use of byte frequency and n-gram tables, and Bayesian inference.
Multipurpose Internet Mail Extensions (MIME) sniffing was, and still is, used by some web browsers, including notably Microsoft's Internet Explorer, in an attempt to help web sites which do not correctly signal the MIME type of web content display.[1] However, doing this opens up a serious security vulnerability,[2] in which, by confusing the MIME sniffing algorithm, the browser can be manipulated into interpreting data in a way that allows an attacker to carry out operations that are not expected by either the site operator or user, such as cross-site scripting.[3] Moreover, by making sites which do not correctly assign MIME types to content appear to work correctly in those browsers, it fails to encourage the correct labeling of material, which in turn makes content sniffing necessary for these sites to work, creating a vicious circle of incompatibility with web standards and security best practices.
A specification exists for media type sniffing in HTML5, which attempts to balance the requirements of security with the need for reverse compatibility with web content with missing or incorrect MIME-type data. It attempts to provide a precise specification that can be used across implementations to implement a single well-defined and deterministic set of behaviors.[4]
The UNIX file command can be viewed as a content sniffing application.
^"MIME Type Detection in Windows Internet Explorer". Microsoft. Retrieved 2012-07-14.
^Barth, Adam. "Secure Content Sniffing for Web Browsers, or How to Stop Papers from Reviewing Themselves" (PDF).
^Henry Sudhof (11 February 2009). "Risky sniffing: MIME sniffing in Internet Explorer enables cross-site scripting attacks". The H. Retrieved 2012-07-14.
^Adam Barth, Ian Hickson. "Mime Sniffing". WHATWG. Retrieved 2012-07-14.
Contentsniffing, also known as media type sniffing or MIME sniffing, is the practice of inspecting the content of a byte stream to attempt to deduce...
sniffing, such as model cement. The practice of inhaling such substances is sometimes colloquially referred to as huffing, sniffing (or glue sniffing)...
makes internally after volume examination and contentsniffing: As Windows cannot perform contentsniffing on non-volume devices, AutoPlay analyses these...
differently, and so browser sniffing was developed to detect the web browser in order to help ensure consistent display of content. Web pages can use programming...
ISSN 2277-2626. Packet Sniffing... also known as Network or Protocol Analyzer or Ethernet Sniffer "What is a Packet Sniffer?". www.kaspersky.com. 2018...
history sniffing is still considered an unsolved problem. In 2010, researchers revealed that multiple high-profile websites had used history sniffing to identify...
identification Contentsniffing Browser sniffing – a similar heuristic technique for determining the capabilities of a web browser, before serving content to it...
how information sent/received through the connection are encoded (as in Content-Encoding), the session verification and identification of the client (as...
petrol (gasoline) sniffing problem in isolated and impoverished aboriginal communities. Although some sources argue that sniffing was introduced by U...
Sniff Petrol is an inactive online motoring satire magazine, first published in 2001. Sniff Petrol was originally published weekly; due to other commitments...
Band 4, while content released between October 26, 2010, and October 5, 2015, is compatible with the latter three titles only, and all content released on...
every request like cookies are, so it is not vulnerable to network cookie sniffing attacks. Some users may be tracked based on the IP address of the computer...
cannot be sniffed and stored into a local file, as SWF verification is intended to prevent third party clients from accessing the content. However, it...
2018, she joined Reliance Industries as president of Media Platform & Content and reported directly to Mukesh Ambani. She is now the CEO of Viacom 18...
detect TNT, including optical and electrochemical sensors and explosive-sniffing dogs. In 2013, researchers from the Indian Institutes of Technology using...
prevention episode of The Sally Jesse Raphael Show called "My Child Died From Sniffing Paint". In the show Sutton is asked where he thinks he will be in a few...
The boys then find Kenny, sniffing a flower, believing that he is getting "high on life", but Kenny then starts rapidly sniffing a handful of flowers and...
"taste" grappa is by rubbing a small amount on the back of the hand and sniffing. If the aroma is pleasant, the grappa is well made. Impurities in grappa...
device that transmits and receives audio content and allows one or more listeners to listen in on that content Snooper and Blabber, one of the sequences...
positive content and address larger audiences using the first-person pronoun "we". Replies, on the other hand, are more likely to contain negative content and...
Visual communication includes mouth shape and head position, licking and sniffing, ear and tail positioning, eye gaze, facial expression, and body posture...
Act all U.S. telecommunications providers are required to install packet sniffing technology to allow Federal law enforcement and intelligence agencies to...
impairing the integrity and availability of the network. Internet portal Content Vectoring Protocol List of TCP and UDP port numbers Service scan Shirey...