[thelist] IIS 5: Is it Bad to Map .css to asp.dll?

James Aylard webmaster at equilon-mrc.com
Thu May 17 18:27:48 CDT 2001


> * you can instantly tell from the file extension
>   whether a given style sheet is standalone or
>   allows the use of ASP constructs.
> * slight speed gain for the vanilla .css files (if you
>   have any, as they won't need to go through the asp.dll
> * if you host other people's pure HTML on your
>   machine, you can let them use .css without letting
>   them go through your ASP parser (potentially
>   executing malicious code)

    All very good points. My primary concern about using an extension other
than .css was that some browsers would balk at such files (for instance,
iirc, some Netscape browsers don't like external javascript files without a
.js extension -- unless the mime type is explicitly set to
"text/javascript" -- I think).

> The only 'gotcha' is to make sure that your .cssp files (or
> whatever) have the line:
> <%
> response.contenttype = "text/css"
> %>

    Of course, this point addresses my earlier concern. The only way to be
certain that this actually works reliably, of course, would be extensive
testing among CSS-enabled browsers...

> There should be no security or other issues (as long as your box
> is adequately secured anyway), obviously there will be a slight
> performance hit vs. just serving up plain text.

    Good to know. Thanks.

James Aylard

More information about the thelist mailing list