On Sun, 2007-12-23 at 14:39 +0000, Matthew Britton wrote:
You realize CSS files don't contain any kind of
executable code, pose
no seurity risk at all, and thus all you're really doing there is
making websites look ugly?
That's not entirely true... you can add constructs that add images in
your .css files, which can be used to exploit the recent gif and png
issues on certain clients, but then again... so do browsers.
If you're going to block css because you fear exploits in images, you
may as well block fonts, colors and images from the browser also.
--
David A. Desrosiers
desrod(a)gnu-designs.com
Skype...: 860-967-3820