On Sat, Jul 25, C. M. Sperberg-McQueen inscribed on the eternal scroll:
Yes. As has been mentioned, Mozilla is picky about MIME types.
In general I would interpret that as a mandatory requirement of the
applicable HTTP RFC (currently 2616), rather than "pickyness". "If
and only if" the server does not provide a content-type, is the client
software permitted to guess. (But the server "should" always provide
an appropriate content-type.)
If the server presents a content-type that the client considers
inappropriate, then it could be permissible to consult with the user
about an error fixup, but it's impermissible, according to RFC2616,
for the software to silently DWIM. Mozilla is behaving correctly,
according to this general principle.
Any client software which fails to conform with this requirement
represents an unnecessary extra security exposure, and is in violation
of the interworking specification, as I interpret it. There are
several demonstration pages around which demonstrate this
vulnerability in IE.
(That's the general position. I'm not arguing with what you said
about the specifics of text/xsl, OK?).
best regards