Page 1 of 1
file permisions..
Posted: Thu Jul 10, 2008 8:53 am
by Frozenlight777
I'm sure this is a security basic, but i'm curious. When you reference a css file looking something like this:
Code: Select all
<LINK REL=StyleSheet HREF="style.css" TYPE="text/css" MEDIA=screen>
I know anyone who views the source can insert style.css into the url and view all the css code. Is there a way to make it so when the user tries to access it via the url it displays an error message or something?
I don't need an example or anything, just curious if it's possible or not
Re: file permisions..
Posted: Thu Jul 10, 2008 9:37 am
by matthijs
I don't think that's possible. CSS has to be sent to and rendered by the browser, one way or the other. You can't protect that.
Re: file permisions..
Posted: Thu Jul 10, 2008 9:41 am
by Jasheppard
I agree with matthijs
I don't think that's possible.
Because when you load the page it downloads the css into the internet temp folder, and once that's there, you cant do nothing about them viewing it.
Unless you make the code very messy

Re: file permisions..
Posted: Thu Jul 10, 2008 9:52 am
by Frozenlight777
haha thanks guys, yeah I wasn't sure it was possible either. Oh well.
Re: file permisions..
Posted: Tue Jul 15, 2008 5:26 am
by alex.barylski
The best you could do is obfuscate using Javascript. External style sheets would be tricky but you could maybe obfuscate an inline <style> tag and insert it into the document using innerHTML (not write as browsers can read that). Still though, all you would need is a tool like Firebug to see the plain english CSS.
CSS is so limited though what could you possibly have done that is worth hiding? Setting the font-size to 9pt has already been done.
Cheers
