net: Do not sniff XHTML content

net/base/mime_sniffer.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Detecting mime types is a tricky business because we need to balance
 // compatibility concerns with security issues.  Here is a survey of how other
 // browsers behave and then a description of how we intend to behave.
 //
 // HTML payload, no Content-Type header:
 // * IE 7: Render as HTML
@@ skipping 62 matching lines @@
 //                                        URL has an GIF extension)
 // * Opera 9: Render as GIF
 //
 // We used to render as GIF here, but the problem is that some sites want to
 // trigger downloads by sending application/octet-stream (even though they
 // should be sending Content-Disposition: attachment).  Although it is safe
 // to render as GIF from a security perspective, we actually get better
 // compatibility if we don't sniff from application/octet stream at all.
 // => Chrome: Download as application/octet-stream
 //
-// XHTML payload, Content-Type: "text/xml":
-// * IE 7: Render as XML
-// * Firefox 2: Render as HTML
-// * Safari 3: Render as HTML
-// * Opera 9: Render as HTML
-// The layout tests rely on us rendering this as HTML.
-// But we're conservative in XHTML detection, as this runs afoul of the
-// "don't detect dangerous mime types" rule.
-//
 // Note that our definition of HTML payload is much stricter than IE's
 // definition and roughly the same as Firefox's definition.
 
 #include <stdint.h>
 #include <string>
 
 #include "net/base/mime_sniffer.h"
 
 #include "base/logging.h"
 #include "base/strings/string_util.h"
@@ skipping 433 matching lines @@
     *result = "application/octet-stream";
   }
 
   // We have enough information to determine if this was a Microsoft Office
   // document or not, so sniffing is completed.
   return true;
 }
 
 // Byte order marks
 static const MagicNumber kMagicXML[] = {
-  // We want to be very conservative in interpreting text/xml content as
-  // XHTML -- we just want to sniff enough to make unit tests pass.
-  // So we match explicitly on this, and don't match other ways of writing
-  // it in semantically-equivalent ways.
-  MAGIC_STRING("application/xhtml+xml",
-               "<html xmlns=\"http://www.w3.org/1999/xhtml\""),
   MAGIC_STRING("application/atom+xml", "<feed"),
   MAGIC_STRING("application/rss+xml", "<rss"),  // UTF-8
 };
 
 // Returns true and sets result if the content appears to contain XHTML or a
 // feed.
 // Clears have_enough_content if more data could possibly change the result.
 //
 // TODO(evanm): this is similar but more conservative than what Safari does,
 // while HTML5 has a different recommendation -- what should we do?
@@ skipping 317 matching lines @@
       ~(1u << '\t' | 1u << '\n' | 1u << '\r' | 1u << '\f' | 1u << '\x1b');
   for (size_t i = 0; i < size; ++i) {
     uint8_t byte = static_cast<uint8_t>(content[i]);
     if (byte < 0x20 && (kBinaryBits & (1u << byte)))
       return true;
   }
   return false;
 }
 
 }  // namespace net