Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 303
  • Last Modified:

HTTP_ACCEPT header issue.

Hi Experts,

    Basically, i need to catch a specific mime type from the client (i just have to detect it once), I'm currently using PHP (but the issue is not specific to php) and HTTP_ACCEPT header.

    ( ACCEPT: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */* ) is what i need...

    Issue comes with MSIE for Mac which only send the 'accept all'
    ( ACCEPT:*/* )

    (Probably there is other browsers which send only that but i dont need them for the moment...)

    I want the list of supported mimes instead of this unusable 'accept all'...

    So i need a solution, a specific header to send, or a particular Metatag in a page, or whatever else which will work (ASP and co. welcome)...

    I allready crawled over google, google.groups and several technicals support without success (i've allready seen this question but no answer).

    I know there is problably no solution for this problem, so i ask here to experts for any working hack/workaround for this issue.

    *Please, forget about browser settings change, registry key, or any client side modification*

Thanks for any answer
1 Solution
Hi manix,

You may find this useless, but in ASP you can acheive this with the following piece of code:


...and, test the resulted output here:


manixAuthor Commented:
Hi Wakie,
   Thanks for answer, this looks exactly like the ASP translation of the PHP function i use to retrieve the header, maybe useful if i achieve the issue and plane an ASP version.
   But it seems that it wont force IE on Mac to send the wanted header...


RFC2936 seems to be what you're looking for...


It includes a javascript example on how to detect mime-types.  I'm thinking using javascript is likely your best and most cross-portable bet.

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Hi manix,

ok, in PHP there's a function that might be able to help you called get_browser. Use it like so:

$browser = get_browser();
echo list_array ((array) $browser);

This will then return all the values you could theoretically use. HTH.

manixAuthor Commented:
Hi xperts, sorry of long time without news, HD died...


bobsledbob first, thanks for the answer, but in fact, i am trying to code a server side detection exactly to avoid a client-side (javascript, activeX...) detection, that i can allready do, but which is not very reliable...

Wakie again, thanks for the effort, if there is no good answer i will give u points...
In fact get_browser isnt good here, because its based on a server static file (browscap.ini) which does not considers the real capacities of the client (ie: if a specific plug in is installed or not...)

Thanks all,
Still waiting for the miracle...
Hi manix,

As soon as a connection is made between the http server and the web browser, the web browser tells the server what it wants immediately and along with that demand it passes its "Accept" header.

Unfortunately, there is no way for the server to say "i want to force you to give me a list of the supported components you can read" before the client gives its request.

But you may like to take a look at the following function.

function mimelist() {
        $mimetypes = $_SERVER["HTTP_ACCEPT"];
        $mimetypes = str_replace(" ", "", $mimetypes);
        $ar = explode(",", $mimetypes);
        return $ar;

I hope that helps.

Hi manix,

How's progress?
manixAuthor Commented:
Hi wakie, standby...

Still waiting for a real answer ;)

Your function mimelist may be useful, but as i only check for a presence of a particular mimetype i just use a strpos on the HTTP_ACCEPT.

My real problem is not to retrieve the mimetypes from the http_accept nor retrieve the http_accept ( i'm really not a php newbie believe me ;)

My real problem is that on certain platform the http_accept is sent but with a value of "*/*", kind of "hello, i accept everything, try" instead of the supported mimetypes list that i need.

I've no problem programming, i'm just searching for a (dirty) trick that might be known by other experts  to "force" the clients to send the correct list instead of this fake "*/*" .......

I just need a server side trick, whatever it is.

As i said in demand:

"I know there is problably no solution for this problem, so i ask here to experts for any working hack/workaround for this issue."

I'll wait the end of the month and then give u points if there is no working trick submitted...
manixAuthor Commented:
Nobody, really ???
This question has been classified abandoned. I will make a recommendation to the
moderators on its resolution in a week or two. I appreciate any comments
that would help me to make a recommendation.

Unless it is clear to me that the question has been answered I will recommend delete.  It is possible that a Grade less than A will be given if no expert makes a case for an A grade. It is assumed that any participant not responding to this request is no longer interested in its final disposition.

If the user does not know how to close the question, the options are here:


manixAuthor Commented:
Sorry, i just forgot this question...

Nobody answered, because there is probably no answer

So i give points to the first...


Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now