Skip to content

Commit

Permalink
tell receiver to stop processing on type mismatch
Browse files Browse the repository at this point in the history
Fix #37

Signed-off-by: Thomas Fossati <[email protected]>
  • Loading branch information
thomas-fossati committed Oct 24, 2024
1 parent ef1861f commit f3de5a1
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions draft-ietf-rats-eat-media-type.md
Original file line number Diff line number Diff line change
Expand Up @@ -195,8 +195,9 @@ explicit parameter.

Media types only provide clues to the processing application. The application
must verify that the received data matches the expected format, regardless of
the advertised media type. Failing to do so could expose the user to security
risks, such as privilege escalation and cross-protocol attacks.
the advertised media type, and stop further processing on failure. Failing to
do so could expose the user to security risks, such as privilege escalation
and cross-protocol attacks.

The security consideration of {{EAT}} and {{UCCS}} apply in full.

Expand Down

0 comments on commit f3de5a1

Please sign in to comment.