You can't. Whether they are .js or .css doesn't matter simply because they are not inlined. To find out what inline really means, go to http://www.engelschall.com/pw/apache/rewriteguide/
and check Blocked Inline-Images
Always some examples!!
1) Example of http://www.yourdomain.com/mypic.html
(this is not inline image, just like your .css file):
When requesting this page, Apache really sends two request_uri: /mypic.html
If you block your non-inline image or .css or whatever, you would get a broken image because access to it has been denied.
2) Same example but with inline image
<p><a href="/inline-image/my_original_size_pic.jpg"><img src="/image/my_thumbnail_pic.jpg"></a></p>
When requesting this page, Apache sends two request_uri: /mypic.html
and /image/my_thumbnail_pic.jpg but
not /inline-image/my_original_size_pic.jpg until a click to your thumbnail.
When requesting your inline image (/inline-image/my_original_size_pic.jpg), the HTTP_REFERER should be from your site (http://www.mydomain.com/mypic.html
specifically). If it's not, you can block your my_original_size_pic.jpg based on the env value of HTTP_REFERER.
Your question is really similar to How can i hide the html source code from the browser view source
message found in Security
forum. Many foolish people still think it's possible and continue posting to that stupid thread without having a real understanding of how the web really works.