Index: includes/common.inc =================================================================== --- includes/common.inc.orig 2007-06-28 13:16:29.000000000 +0200 +++ includes/common.inc 2007-06-28 13:23:36.000000000 +0200 @@ -1453,7 +1453,7 @@ $preprocess_css = variable_get('preprocess_css', FALSE); $directory = file_directory_path(); - $is_writable = is_dir($directory) && is_writable($directory) && (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) == FILE_DOWNLOADS_PUBLIC); + $is_writable = is_dir($directory) && is_writable($directory); foreach ($css as $media => $types) { // If CSS preprocessing is off, we still need to output the styles. @@ -1537,6 +1537,10 @@ // Create the CSS file. file_save_data($data, $csspath .'/'. $filename, FILE_EXISTS_REPLACE); } + // File download method is private, so use the system_load_css() callback + if (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) != FILE_DOWNLOADS_PUBLIC) { + return 'css-loader/'. $filename; + } return $csspath .'/'. $filename; } Index: modules/system/system.module =================================================================== --- modules/system/system.module.orig 2007-06-28 13:16:09.000000000 +0200 +++ modules/system/system.module 2007-06-28 13:22:10.000000000 +0200 @@ -300,6 +300,15 @@ function system_menu($may_cache) { 'title' => t('SQL'), 'callback' => 'system_sql', 'type' => MENU_CALLBACK); + + if (variable_get('preprocess_css', TRUE) && variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) != FILE_DOWNLOADS_PUBLIC) { + $items[] = array( + 'path' => 'css-loader', + 'title' => t('CSS Loader'), + 'callback' => 'system_load_css', + 'access' => TRUE, + 'type' => MENU_CALLBACK); + } } else { /** @@ -693,16 +702,16 @@ function system_performance_settings() { ); $directory = file_directory_path(); - $is_writable = is_dir($directory) && is_writable($directory) && (variable_get('file_downloads', FILE_DOWNLOADS_PUBLIC) == FILE_DOWNLOADS_PUBLIC); + $is_writable = is_dir($directory) && is_writable($directory); $form['bandwidth_optimizations']['preprocess_css'] = array( '#type' => 'radios', '#title' => t('Aggregate and compress CSS files'), '#default_value' => variable_get('preprocess_css', FALSE) && $is_writable, '#disabled' => !$is_writable, '#options' => array(t('Disabled'), t('Enabled')), - '#description' => t("Some Drupal modules include their own CSS files. When these modules are enabled, each module's CSS file adds an additional HTTP request to the page, which can increase the load time of each page. These HTTP requests can also slightly increase server load. It is recommended to only turn this option on when your site is in production, as it can interfere with theme development. This option is disabled if you have not set up your files directory, or if your download method is set to private."), - ); - + '#description' => t("Some Drupal modules include their own CSS files. When these modules are enabled, each module's CSS file adds an additional HTTP request to the page, which can increase the load time of each page. These HTTP requests can also slightly increase server load. It is recommended to only turn this option on when your site is in production, as it can interfere with theme development. This option is disabled if you have not set up your files directory."), + ); + $form['#submit']['system_settings_form_submit'] = array(); $form['#submit']['drupal_clear_css_cache'] = array(); @@ -2369,3 +2378,19 @@ function theme_system_admin_by_module($m return $output; } + +/** + * Output an aggregated CSS file when file download method is private + */ +function system_load_css($file=NULL) { + // Be very strict about what filenames are allowed, to avoid attacks + if (isset($file) && preg_match('/^[a-f0-9]{32}\.css$/', $file)) { + $filepath = 'css/'. $file; + if (file_exists(file_create_path($filepath))) { + file_transfer($filepath, array('Content-type: text/css')); + } + return drupal_not_found(); + } + return drupal_access_denied(); +} +