Posted by David Haynes on 01/12/06 14:11

d wrote:
> Ideally speaking, any file that spits out html should have an .html
> extension, as when the client sees it, it's HTML (regardless of how it was
> created). As others have pointed out, that will require a minor change in
> your server's configuration, but yields more professional results.

I'm not sure I agree with that. Isn't this a case of confusing naming
with content? I know that, for reasons of speed, web servers like to tag
content based on file suffixes, but I don't recall any of the standards
bodies specifying it.

Also, isn't a file that contains php a '.php'-suffixed file until it is
processed and *then* becomes an HTML image? If so, the file doesn't
'spit out HTML' until it is preprocessed by php.

AFAIK, the main reason for over-riding the .html extension to include
php processing is so that the file displayed in the browser does not
include the '.php' suffix and, therefore, does not tip off the end-user
as to which preprocessing technology is being used. This was thought to
be a security-related practice. It is similar to changing the '.do'
suffix in struts to something else. (Security through obscurity.)

There's nothing magical about any suffix - it's just what you tell the
server to be sensitive to. For example, I could change all the php files
to have a 'pre' suffix to indicate that these files are 'pre'processed
before displaying them.

-david-

[Back to original message]