Reported by Thomas Howard, Sep 1, 2010
We found a limitation with Indefero where files other than images were served up with a mime type of "application/octet-stream" We need it to serve the files up with their actual mime type, pdf with application/pdf and suchlike so that it opens with the correct program if the browser has been set to open files of that type rather than download them. Was there a particular reason you forced the mime type to "application/octet-stream" for all files that were not images, or is our suggestion to instead serve up the content type for all files acceptable? I have attached a patch that we have made for serving the content type for all files if this is the way you want to go.
Comment 1 by William Martin, Feb 23, 2011
From loic : to prevent security issues with someone attaching an html file or a kind of file which can execute in the browser and create a XSS attack