AddType handler specifies how the client (eg:- browser) has to deal with a particular data stream . The AddHandler on the other hand maps a handler to the file extension telling the server what to do with it.
AddType application/x-httpd-php4 .php4
AddHandler application/x-httpd-php4 .php4
The above two lines looks similar except for the difference in AddType and AddHandler directive names, but we can differentiate between them by their use ie AddType is for the client and AddHandler is for server to understand.If you ask how browsers actually deal with the content type you set in your AddType directive, then the answer is :- Gecko ( Gecko is a layout engine used by Firefox ) based browsers (like Firefox) follow the standard closely so they will handle a file according to the content type in your Apache configuration. This means your image will show up as text if you wrongly assigned the text/plain content type. Internet Explorer is more flexible and tries to guess the mime type for misconfigured web servers showing a wrongly defined images as, well, an image
Security Aspects :-
Some content types, such as executable programs, are inherently unsafe. For this reason these MIME types are usually restricted in terms of what actions a web browser will take when given content of that type. An executable program should not be executed on the user’s computer and at most should cause a dialog to appear asking the user if they wish to download the file.
MIME type guessing has led to security exploits in Internet Explorer which were based upon a malicious author incorrectly reporting a MIME type of a dangerous file as a safe type. This bypassed the normal download dialog resulting in Internet Explorer guessing that the content was an executable program and then running it on the user’s computer.
