Feb 02, 2017, 18:04 pm
Sure, but only because it is configured to behave that way. Mime types are used to set headers and enable or disable additional filtering, like compression. These headers are used as hints for the browser to decide how to display the file. How headers are used is up to the browser itself. The server can't actually force the browser to do anything. The majority of browsers will ask to save a file with a mime type header it doesn't know how to display, regardless of what the actual mime type of the file is. Neither the browser nor the server actually check to see if the mime type is correct. The server trusts its configuration, and the browser trusts the header sent by the server.
While PHP does have a specific mime type, it is only relevant when you are not parsing it server side. Once the file is passed through the PHP processor, the actual output can be anything. The majority of the time it is text, and the PHP processor automatically specifies the type as text/html unless it is told to do otherwise.
Most servers have a default mime type that is used if there isn't an existing map for the requested file. If the default type is something the browser doesn't know how to display, then it will automatically download the file regardless. If you set the default type to something it does know how to display, then it will attempt to display the file even if it has no idea what the actual content is. You can try this yourself by changing your server's default mime type to text/plain and then upload an image file, change the extension to something the server doesn't have a map for like image.penis and then try to load it in your browser. You'll get a screen full of gibberish. Even though your browser knows how to display images, it tries to display it as raw text. Conversely, you can change the default mime type to application/octet-stream and that same image.penis file will now get downloaded.
The roundabout point to all of this is that on the server, mime types are simply mapped to file extension. They can be changed at will. Same for how the server handles any given file extension. Take a look at your browser address bar while reading this. It doesn't have a file extension at all, but the server knows to process it as PHP as per its configuration.
While PHP does have a specific mime type, it is only relevant when you are not parsing it server side. Once the file is passed through the PHP processor, the actual output can be anything. The majority of the time it is text, and the PHP processor automatically specifies the type as text/html unless it is told to do otherwise.
Most servers have a default mime type that is used if there isn't an existing map for the requested file. If the default type is something the browser doesn't know how to display, then it will automatically download the file regardless. If you set the default type to something it does know how to display, then it will attempt to display the file even if it has no idea what the actual content is. You can try this yourself by changing your server's default mime type to text/plain and then upload an image file, change the extension to something the server doesn't have a map for like image.penis and then try to load it in your browser. You'll get a screen full of gibberish. Even though your browser knows how to display images, it tries to display it as raw text. Conversely, you can change the default mime type to application/octet-stream and that same image.penis file will now get downloaded.
The roundabout point to all of this is that on the server, mime types are simply mapped to file extension. They can be changed at will. Same for how the server handles any given file extension. Take a look at your browser address bar while reading this. It doesn't have a file extension at all, but the server knows to process it as PHP as per its configuration.