Bug CSS for disabled styles can be accessed by everyone

Thread starter Kirby
Start date Sep 16, 2022

There is a bug in this version

Kirby

Guest

Sep 16, 2022

When delivering CSS via css.php, XenForo does not check if the style is enabled (or if the accessing user has permission to use disabled styles) and thus also delivers CSS of disabled styles to everyone.

This can be problematic if disabled styles produce errors when rendering (for example if they call templater functions that do not exist) as this would get logged as errors - which can happen quite often if sucher URLs are accessed by crawlers.

Ideally XenForo should return a...

Read more

Continue reading...

You must log in or register to reply here.

Similar threads

XenForo Please enter valid username CSS rules.

Replies: 0

Views: 24

XenForo Development & Modifications Oct 28, 2024

CtrlV

Solved Featured Content Carousal CSS issue

Replies: 0

Views: 15

XenForo General Discussions Oct 24, 2024

Kirby

Solved Prefix CSS

Replies: 0

Views: 22

XenForo General Discussions Oct 24, 2024

beerForo

Bug Using images with variations via CSS is complicated

Replies: 0

Views: 29

XenForo General Discussions Oct 22, 2024

Kirby

XenForo Css class for buttons

Replies: 0

Views: 29

XenForo Development & Modifications Oct 14, 2024

AndreaMarucci

Facebook X (Twitter) Reddit Pinterest WhatsApp Email Link

Top Bottom

Back

Welcome To The Geeks-Board!
For full use of the forum, you need to register. The registration will take only 1 minute and after that, you can enter and read topics. So don't hesitate and register now!
Log in Register
🔥 Hardware & Software Products
🔥 Android Devices Support
🔥 Web Development

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Search

Search

Bug CSS for disabled styles can be accessed by everyone

Kirby

Guest

Similar threads