Nice idea, super simple, and poses some interesting questions.
There could be security issues with this given you can serve arbitrary MIME types. XSS won't be a problem because there are no cookies to steal. Maybe you could make a script that self-propagates across the key-space using AJAX.
There could be security issues with this given you can serve arbitrary MIME types. XSS won't be a problem because there are no cookies to steal. Maybe you could make a script that self-propagates across the key-space using AJAX.