Today I came across a shock site with a big picture of a girl's face blinking and loud screaming in the background.
The surprise is that although it seems to be a static image, in fact it's an application/x-shockwave-flash file. The browser (Firefox in my case) displays it correctly as a Flash application. And my question is - how can the browser know that it's not a JPG image but rather a Flash application? Does it use heuristic techniques or is there a hidden "flag" in the file?
When I inspect the page in Firebug, I get this:
<html>
<head>
<meta name="viewport" content="width=device-width; height=device-height;">
<title>anne.jpg (application/x-shockwave-flash objekt)</title>
</head>
<body marginwidth="0" marginheight="0">
<embed width="100%" height="100%" name="plugin" src="http://akk.li/pics/anne.jpg" type="application/x-shockwave-flash">
</body>
</html>
So the browser obviously knows what the file format is. But how?
The server returns the file with the Content-Type: application/x-shockwave-flash header.