Is there a disadvantage to using a dynamic Python file to generate the CSS for a webpage? I'd like computers with an administrator cookie to show special admin panel CSS, and show regular CSS for all other users. I'm planning to use:
<link rel="stylesheet" href="/css.py" type="text/css" />
That should work fine.
I hope, however, that you're not relying on CSS alone to restrict admin functionality.
You can do that. Just realize that there will be a performance hit on each page. CSS files are usually cached as they do not change often.
In theory you do not need to even use an <link> as you can render the style right in the page as a <style>, as it will be refreshed every page request.
The downside to using a dynamic file is that it won't be as fast as a static file. In all likelihood, that's not really a problem (the difference is likely negligible). If it later turns out it is a problem, you could just precompute the different CSS and link in the appropriate one.
On an unrelated note, it's not really safe to trust a cookie to determine if the user is an administrator.
It probably isn't worth the effort. If there is a lot of admin panel specific CSS, then just have a second <link> element if logged in as an admin, otherwise just merge it with the main file.
If www.example.com/css.py is accessible by a web browser and produces valid css it should work, at least with php it does.
maybe you just need to pass a content-type: text/css HTTP header
However I think you could set special classes in the HTML page generation in case of this cookie presence and let a static css handle them, but if you really need to do this I see no other disadvantage apart than a little more processing time.
Extensions don't matter. You can end it in .jpg if you want. What does (somehow) matter are the headers. You should send the following header:
Content-Type: text/css; charset=UTF-8
Still, if you don't add that, you won't run into any (immediate) problems. As long as you use type="text/css" in HTML the browser will know what you're talking about.
Note that, as Glennular said, CSS files are cached. Thus, you might want to use something like:
<link rel="stylesheet" href="/css.py?SOME_RANDOM_SEED" type="text/css" />
Where SOME_RANDOM_SEED is, obviously, a random character sequence. You can use time.time() or uuid.uuid4() or something similar.
Although using dynamically created CSS works nowadays, I fear that you can't rely on it being changed depending on a cookie.
CSS files are cached more heavily than the pages themselves, so even if you try to prevent the file from being cached, some browsers might hold on to an old version longer than they should.
So, if you are thinking of using the CSS for showing or hiding features depending on a cookie, that's not a stable solution.