Adjust our sniffing hueristics to better match Firefox....

net/base/mime_sniffer.cc

 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // Detecting mime types is a tricky business because we need to balance
 // compatibility concerns with security issues.  Here is a survey of how other
 // browsers behave and then a description of how we intend to behave.
 //
 // HTML payload, no Content-Type header:
 // * IE 7: Render as HTML
@@ skipping 55 matching lines @@
 // => Chrome: Render as GIF
 //
 // GIF payload, Content-Type: "application/octet-stream":
 // * IE 7: Render as GIF
 // * Firefox 2: Download as application/octet-stream (Note: Firefox will
 //                              Download as GIF if the URL has an GIF extension)
 // * Safari 3: Download as Unknown (Note: Safari will Render as GIF if the
 //                                        URL has an GIF extension)
 // * Opera 9: Render as GIF
 //
-// Given our previous decisions, this decision is more or less clear.
-// => Chrome: Render as GIF
+// We used to render as GIF here, but the problem is that some sites want to
+// trigger downloads by sending application/octet-stream (even though they
+// should be sending Content-Disposition: attachment).  Although it is safe
+// to render as GIF from a security perspective, we actually get better
+// compatibility if we don't sniff from application/octet stream at all.
+// => Chrome: Download as application/octet-stream
 //
 // XHTML payload, Content-Type: "text/xml":
 // * IE 7: Render as XML
 // * Firefox 2: Render as HTML
 // * Safari 3: Render as HTML
 // * Opera 9: Render as HTML
 // The layout tests rely on us rendering this as HTML.
 // But we're conservative in XHTML detection, as this runs afoul of the
 // "don't detect dangerous mime types" rule.
 //
@@ skipping 397 matching lines @@
                           url.SchemeIs("ftp");
   if (!sniffable_scheme) {
     should_sniff_counter.Add(1);
     return false;
   }
 
   static const char* kSniffableTypes[] = {
     // Many web servers are misconfigured to send text/plain for many
     // different types of content.
     "text/plain",
-    // IIS 4.0 and 5.0 send application/octet-stream when serving .xhtml
-    // files.  Firefox 2.0 does not sniff xhtml here, but Safari 3,
-    // Opera 9, and IE do.
+    // We want to sniff application/octet-stream for
+    // application/x-chrome-extension, but nothing else.
     "application/octet-stream",
     // XHTML and Atom/RSS feeds are often served as plain xml instead of
     // their more specific mime types.
     "text/xml",
     "application/xml",
   };
   static SnifferHistogram counter("mime_sniffer.kSniffableTypes2",
                                   arraysize(kSniffableTypes) + 1);
   for (size_t i = 0; i < arraysize(kSniffableTypes); ++i) {
     if (mime_type == kSniffableTypes[i]) {
@@ skipping 62 matching lines @@
     if (SniffXML(content, content_size, result))
       return true;
     return content_size >= kMaxBytesToSniff;
   }
 
   // CRX files (chrome extensions) have a special sniffing algorithm. It is
   // tighter than the others because we don't have to match legacy behavior.
   if (SniffCRX(content, content_size, url, type_hint, result))
     return true;
 
+  // We're not interested in sniffing for magic numbers when the type_hint
+  // is application/octet-stream.  Time to bail out.
+  if (type_hint == "application/octet-stream")
+    return have_enough_content;
+
   // Now we look in our large table of magic numbers to see if we can find
   // anything that matches the content.
   if (SniffForMagicNumbers(content, content_size, result))
     return true;  // We've matched a magic number.  No more content needed.
 
   // Having failed thus far, we're willing to override unknown mime types and
   // text/plain.
   if (hint_is_unknown_mime_type || hint_is_text_plain) {
     if (looks_binary)
       result->assign("application/octet-stream");
     else
       result->assign("text/plain");
     // We could change our mind if a binary-looking byte appears later in
     // the content, so we only have enough content if we have the max.
     return content_size >= kMaxBytesToSniff;
   }
 
   return have_enough_content;
 }
 
 }  // namespace net