MAFF snafu

Crazy Alex reports that the Firefox MAFF format does _not_ support indexing into remote jar files using the "jar" scheme, so a URL like jar:http://www.foo.com/bar/baz.jar!/index.html won't work:

I tried to use jar: prefix, but with no success. Firefox geves download dialog or writes an error stating ”Unsafe File Type. The page you are trying to view cannot be shown because it is contained in a file type that may not be safe to open. Please contact the website owners to inform them of this problem.”

The reason I'm blogging about this hopelessly obscure technical point is that the Apple format for digital music packaging, the ePub and MOBI formats for ebooks, and many other ad hoc formats are exploring this same space of multi-file archives. MAFF is a candidate for an open and common implementation.

Category: Uncategorized 3 comments »

3 Responses to “MAFF snafu”

  1. Mike Linksvayer

    One reader thinks that’s a really non-obscure point.

  2. P.A.

    At present, Firefox will open a remote JAR file only if the server is configured to send a MIME type of application/java-archive or application/x-jar in the Content-Type header, unless the “network.jar.open-unsafe-types” advanced preference is enabled in “about:config”.

    Ensuring that the server really wants to provide an archive was done in order to avoid potential cross-site scripting in sites that allowed users to upload content. For more information, see:

    http://www.mozilla.org/security/announce/2007/mfsa2007-37.html

  3. Lucas Gonze

    Thanks for posting this, P.A. Hopefully this post and related comments will have enough Google juice to be a good source of info for people debugging these issues.

Back to top