From mdounin at mdounin.ru Mon Sep 1 01:20:52 2025 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 1 Sep 2025 04:20:52 +0300 Subject: [nginx] Update mime-types In-Reply-To: <13eaac41ace2c393f047d5fd6ec0b10f@elven.pw> References: <6fd7b4aae9f284157bcd51b2eb936b82@elven.pw> <33cf12d6a7440f5538c60d38ff208870@elven.pw> <25057fabce20e04e31c2db1426b7606f@elven.pw> <13eaac41ace2c393f047d5fd6ec0b10f@elven.pw> Message-ID: Hello! On Mon, Aug 25, 2025 at 10:30:42PM +0300, Lafiel via nginx-devel wrote: > Maxim Dounin ?????(?) 2025-07-28 13:54: > > Hello! > > > > Does it make sense to use these extensions nowadays? > > > > If yes, how the consumers of these formats will react to the > > change - that is, is the "application/vnd.palm" type actually > > supported, or it's just a planned change which never happened > > in practice? > > > > Note that Apache uses "application/x-mobipocket-ebook" for > > "prc" (which is a prc-based ebook format), which suggests that > > "application/vnd.palm" might not work well at least for some > > consumers. > > > > If no, should it be removed instead? > > > > Also note that at least one common use of the "pdb" extension > > is a debug data for Microsoft C++ Compiler, and it's actively > > used in practice. > > I agree, some types are rarely used now. Then maybe it should be > removed? That's the question. The answer depends on many factors, and in general requires a separate research. > There are other rarely used types. Example: > $ awk '/^mml,/||/^jad,/||/^wml,/||/^jar,/||/^war,/||/^ear,/||/^hqx,/|| \ > /^odg,/||/^odp,/||/^ods,/||/^odt,/||/^wmlc,/||/^wasm,/||/^cco,/|| \ > /^jardiff,/||/^jnlp,/||/^sea,/||/^sit,/||/^xpi,/||/^xspf,/|| \ > /^ra,/||/^3gp,/||/^asf,/' ~/httparchive_exts.csv > 3gp,35,75 > wml,11,63 > odt,16,23 > jar,5,12 > wasm,5,9 > sea,2,8 > xspf,4,7 > asf,4,6 > odg,2,3 > ra,3,3 > war,1,1 > jnlp,1,1 > cco,1,1 > hqx,1,1 > ods,1,1 In general, the threshold for removing types should be much lower than the threshold for adding new types, since this might negatively affect existing uses, breaking POLA. Additionally, the particular examples demonstrate that httparchive stats shouldn't be the only factor to consider: for example, "wasm" is a perfectly active and only recently introduced extension for Web Assembly, while "wml" is a dead format for WAP sites, no longer used in practice. The fact that "wml" is apparently used more than "wasm" shows that the data might not be a good indicator of relative usage, at least in the area where the usage is low. Also, the "odg", "odp", "ods", and "odt" are extensions for OpenOffice document formats. Such files aren't often used for sites itself, but might be available for download, which makes them important for mime.types, but unlikely to appear with high numbers in httparchive data. I believe we've previously discussed this in this thread, here: https://freenginx.org/pipermail/nginx-devel/2024-March/000099.html In either case, removing of any type certainly needs a detailed research, demonstrating that the type is no longer used in practice. > > Numbers as I see them suggests that all these extensions are > > rather not used in practice, at least compared to "ts". > > > > Further, I would argue that "tsv" is a common extension for tab > > separated values format, and both Python and Apache map it to > > "text/tab-separated-values". > > > > I would rather refrain from this change. > > Maybe then just add the text/tab-separated-values type for .tsv files? > > $ awk '/^tsv,/' httparchive_exts.csv > tsv,174,326 That would be something I would rather accept if requested. On the other hand, tab separated values are most likely fine with any default type, such as "text/plain" or "application/binary", and this explains lack of requests to add this type and extension. > > See here about m4v/m4a as discussed earlier in this thread: > > > > https://freenginx.org/pipermail/nginx-devel/2024-April/000141.html > > > > Note well that this patch doesn't remove corresponding > > "video/x-m4v" type with the "m4v" extension, which makes the > > change essentially a nop (apart from producing a warning at > > startup). > > Forgot to delete video/x-m4v. > > If there were any problems, then Apache would not have added > the `audio/mp4` type for .m4a and mp4a files. As previously explained, using "audio/mp4" and "video/mp4" for "m4a" and "m4v" files is incorrect, as these are distinct types. As such, the question is what are the reasons for the change. Just for the record, the Apple site does not seem to be distinctive about what types they expect to be used. In particular, I was able to find the following pages with MIME type recommendations for m4v/m4a files on developer.apple.com: https://developer.apple.com/library/archive/documentation/AudioVideo/Conceptual/AirPlayGuide/PreparingYourMediaforAirPlay/PreparingYourMediaforAirPlay.html https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/CreatingVideoforSafarioniPhone/CreatingVideoforSafarioniPhone.html https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/CreatingContentforSafarioniPhone/CreatingContentforSafarioniPhone.html The first one, last modified in 2012, suggests to use "audio/mpeg4" and "video/mpeg4". Two others, last modified in 2016, suggests to use "audio/x-m4a" and "video/x-m4v". I personally tend to think, especially given the last link from the above, which contains a number of various types, including "audio/x-m4b" for "m4b" and "audio/x-m4p" for "m4p", that "audio/x-m4a" and "video/x-m4v" should be preferred. Still, I'm open to changes if some compelling reasons are provided. > > The numbers suggests that these extensions are not used in > > practice. > > > > And at least "movie" is a way too generic extension seen being > > used with other MIME types, notably "video/x-sgi-movie" in Apache > > and Python. > > > > We probably can consider adding just the "qt", but given the > > numbers I'm not sure it worth the effort. > > Apache also has such an extension, I think it's worth adding. > I can fix the patch later. > > $ awk '/video\/quicktime/' mime.types > video/quicktime qt mov I don't have any strong objections. Still, I'm not really convinced this extension is used in practice, and if it is, it is mostly used for QuickTime videos, and not for other purposes. > > At least Apache still uses "video/x-ms-asf". And the change > > looses details about the purpose of the file format, which might > > be the reason why "video/x-ms-asf" is still used. > > > > Any specific reasons for the change? > > According to this recommendation: > https://learn.microsoft.com/en-us/windows/win32/wmformat/file-name-extension-guidelines > asf files should not store audio and video streams. > This format is also rarely used, can it be removed as well? > This also applies to the .wmv extension. Then there will be > no need to add the .wma extension. As suggested above, threshold for removing extensions which are already present is expected to be much lower than that for adding new extensions. And at least "wmv" files are still widely used in practice, as far as I can tell, e.g., from various video sharing sites. [...] -- Maxim Dounin http://mdounin.ru/ From mdounin at mdounin.ru Mon Sep 1 08:27:25 2025 From: mdounin at mdounin.ru (=?utf-8?q?Maxim_Dounin?=) Date: Mon, 01 Sep 2025 11:27:25 +0300 Subject: [PATCH] Tests: adjusted delays in ssl_session_ticket_key.t Message-ID: <468102e2a704618f2829.1756715245@vm-bsd.mdounin.ru> # HG changeset patch # User Maxim Dounin # Date 1756715195 -10800 # Mon Sep 01 11:26:35 2025 +0300 # Node ID 468102e2a704618f2829e68d340b6feffab609aa # Parent 25acbb7405e84b60b13f3894768d6fa778149ac7 Tests: adjusted delays in ssl_session_ticket_key.t. If session ticket keys are not shared among worker processes, waiting for 0.5 seconds before trying to establish another session won't change anything (if the connection will end up in the different worker process, there will be an error). At the same time, the test was seen unexpectedly failing with Valgrind, due to slow connection handling. Since session ticket key rotation uses time in seconds, slightly more than 1 second between requests is enough for the test to fail if the first request happens at the end of a second. Removing the unneeded sleep improves things, but not enough to fully resolve the issue. As such, session timeout was set to 3 seconds. Wait time between tests adjusted accordingly, to slightly more than 4 seconds, to ensure that the key will be changed even if the first request happens at the start of a second. diff --git a/ssl_session_ticket_key.t b/ssl_session_ticket_key.t --- a/ssl_session_ticket_key.t +++ b/ssl_session_ticket_key.t @@ -52,7 +52,7 @@ http { server_name localhost; ssl_session_cache shared:SSL:1m; - ssl_session_timeout 2; + ssl_session_timeout 3; } } @@ -92,10 +92,9 @@ foreach my $name ('localhost') { my $key = get_ticket_key_name(); -select undef, undef, undef, 0.5; is(get_ticket_key_name(), $key, 'ticket key match'); -select undef, undef, undef, 2.5; +select undef, undef, undef, 4.1; local $TODO = 'no ticket key callback' if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8h'); From mdounin at mdounin.ru Fri Sep 5 21:13:19 2025 From: mdounin at mdounin.ru (=?iso-8859-1?q?Maxim_Dounin?=) Date: Sat, 06 Sep 2025 00:13:19 +0300 Subject: [nginx-tests] Tests: adjusted delays in ssl_session_ticket_key.t. Message-ID: details: http://freenginx.org/hg/nginx-tests/rev/468102e2a704 branches: changeset: 2024:468102e2a704 user: Maxim Dounin date: Mon Sep 01 11:26:35 2025 +0300 description: Tests: adjusted delays in ssl_session_ticket_key.t. If session ticket keys are not shared among worker processes, waiting for 0.5 seconds before trying to establish another session won't change anything (if the connection will end up in the different worker process, there will be an error). At the same time, the test was seen unexpectedly failing with Valgrind, due to slow connection handling. Since session ticket key rotation uses time in seconds, slightly more than 1 second between requests is enough for the test to fail if the first request happens at the end of a second. Removing the unneeded sleep improves things, but not enough to fully resolve the issue. As such, session timeout was set to 3 seconds. Wait time between tests adjusted accordingly, to slightly more than 4 seconds, to ensure that the key will be changed even if the first request happens at the start of a second. diffstat: ssl_session_ticket_key.t | 5 ++--- 1 files changed, 2 insertions(+), 3 deletions(-) diffs (24 lines): diff --git a/ssl_session_ticket_key.t b/ssl_session_ticket_key.t --- a/ssl_session_ticket_key.t +++ b/ssl_session_ticket_key.t @@ -52,7 +52,7 @@ http { server_name localhost; ssl_session_cache shared:SSL:1m; - ssl_session_timeout 2; + ssl_session_timeout 3; } } @@ -92,10 +92,9 @@ foreach my $name ('localhost') { my $key = get_ticket_key_name(); -select undef, undef, undef, 0.5; is(get_ticket_key_name(), $key, 'ticket key match'); -select undef, undef, undef, 2.5; +select undef, undef, undef, 4.1; local $TODO = 'no ticket key callback' if $t->has_module('OpenSSL') and not $t->has_feature('openssl:0.9.8h'); From mdounin at mdounin.ru Sat Sep 6 11:49:55 2025 From: mdounin at mdounin.ru (=?utf-8?q?Maxim_Dounin?=) Date: Sat, 06 Sep 2025 14:49:55 +0300 Subject: [PATCH] Tests: removed stale comment, missed in 1937:2a0a6035a1af Message-ID: <009ff3a25affe30f3db4.1757159395@vm-bsd.mdounin.ru> # HG changeset patch # User Maxim Dounin # Date 1757159373 -10800 # Sat Sep 06 14:49:33 2025 +0300 # Node ID 009ff3a25affe30f3db45757366b0bd726f9bf21 # Parent 468102e2a704618f2829e68d340b6feffab609aa Tests: removed stale comment, missed in 1937:2a0a6035a1af. diff --git a/mail_imap.t b/mail_imap.t --- a/mail_imap.t +++ b/mail_imap.t @@ -258,10 +258,6 @@ local $TODO = 'not yet' unless $t->has_v $s->check(qr/^a03 BAD/, 'invalid with non-sync literal'); $s->check(qr/^(a04 |$)/, 'literal not command'); -# skipped without a fix, since with level-triggered event methods -# this hogs cpu till the connection is closed by the backend server, -# and generates a lot of debug logs - $s = Test::Nginx::IMAP->new(); $s->read();