A couple of things on the asp/cold fusion/whatever serving up dynamic CSS discussions: First, Eric Engelmann wrote: > * Mapping .css to asp.dll (which I saw recently on this list... but I'd > rather avoid it if possible. Setting up more server mappings in IIS is just > scary, given that the MS security checklist basically removes them all > except asa,asp) The important thing here is the security of the DLL itself. Adding file extensions to the one mapping you ARE allowed to use (asp.dll should be the only one in use, the others that come installed by default basically turn your new webserver into a $15,000 sieve) is absolutely fine . It's important to reduce the non-essential DLLs used in mappings, not the mappings themselves. Then James Aylard wrote: > Paul Cowen suggested a separate extension Cowan. (don't worry, I'm used to it, believe me!) Paul  Paul Cowan Free Web Advice Limited will not be held liable for any security holesd cause by some previously unknown IIS security bug due to file EXTENSIONS, not mappings, like filename extensions with non-7-bit-ascii characters in them, dashes, underscores, periods, or, knowing microsoft, the letter 'e'.