Question
A moment ago, I was reading a CSS Tricks tutorial on styling the scroll bar. I navigated to the demo, and proceeded to view the page's source styles in Dev Tools, however I found the CSS file listed to be blank.
I moved to the page's source, and clicked on the link to the style sheet, in the header, and to my surprise, I was shown this:
I'm curious to know how it's possible to serve the browser a proper style-sheet, which it utilizes to style the page, and then serve the client a spoof resource.
How is this done?
If I wanted to look at this file, could I do it? How?
Can this be done for other resources, such as JavaScript?
Solution
I assume he's sending the user to a chosen page whenever they try to access any .css filetype. This can be done by editing the .htaccess with something like this..
https://stackoverflow.com/questions/23084242
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianRewriteEngine On
RewriteRule ^.*\.css$ /custompage.html [R=301,L]
You can still access the CSS just not directly, try looking at it using the developer tools of your browser.
OTHER TIPS
I think this site explains it well: It is possible to forbid hotlinking to files with a specific ending of a server by writing some lines of code in the .htaccess file. with this way you can forbid or redirect every request for files which ending is registered.
Some imagesites (e. g. sites with wallpapers) use this to redirect image-hotlinks to the site the image is presented.
You can do that with .css, too.
