Quote:
Originally Posted by Terry
I suppose using CSS might be a little bit of a security risk depending on what scripts you are using..
|
For many years, CSS was a very safe language (from the security point of view) with only the potential to mess up the page formatting. With enhancements to CSS introduced over the last couple of years, there are now possible attacks if sensitive information is stored within HTML tags on a page. The class of attacks that are now possible are often called CSS Exfil attacks The issue (apart from needing websites that are already not robust from a security viewpoint) also assumes you are allowing CSS from untrusted sources (not your own Stylish snippets). I stand to be corrected, but I think the use of Stylish is still safe, albeit your page display might get messed up, and maintenance can be a headache.