Good find Hester! Back when papabaer was around, he alerted us to some issues with using quote marks in CSS files. The issues he brought up dealt specifically with the Mac and 404 errors. Apparently Mac chokes on single and double quotes in CSS files.

I had to change my CSS editor of choice after finding out that little tidbit of information. I've always used FP to edit my stylesheets and it has a default setting to always use single quotes where applicable. You can strip them out but as soon as you save FP adds them back in. So now I just use Note Pad for editing CSS.

Why would someone want to use JavaScript in their CSS?

This does of course bring up a host of new questions. What if the user has Javascript turned off but CSS on? Or the other way round? Frankly I feel the browser shouldn't parse the script at all, as it is not part of an HTML or Javascript file. But then I can see why they do.

I know expressions look interesting for faking min/max-width/height, and I think they're technically javascript. Maybe that has something to do with it.

Mozilla also parses and executes the javascript, but you can't seem to do anything useful with it, since both alert() and document.write() are disallowed.

See the JS console.

I wonder if any security new flaws will be discovered because of this?

I wonder if you can also get around popup blockers, since you can do something like:

javascript:document.body.onload = function() {...};