+ if (r == 2 && assoc->server && assoc->server->docpath
+ && hreq->path[0] == '/'
+ &&
+ /* check if path is a proper prefix of documentroot */
+ strncmp(hreq->path+1, assoc->server->docpath,
+ strlen(assoc->server->docpath))
+ == 0)
+ {
+ if (!check_path(hreq->path))
+ {
+ yaz_log(YLOG_LOG, "File %s access forbidden", hreq->path+1);
+ p = z_get_HTTP_Response(o, 404);
+ }
+ else
+ {
+ size_t content_size = 0;
+ char *content_buf = read_file(hreq->path+1, o, &content_size);
+ if (!content_buf)
+ {
+ yaz_log(YLOG_LOG, "File %s not found", hreq->path+1);
+ p = z_get_HTTP_Response(o, 404);
+ }
+ else
+ {
+ const char *ctype = 0;
+ yaz_mime_types types = yaz_mime_types_create();
+
+ yaz_mime_types_add(types, "xsl", "application/xml");
+ yaz_mime_types_add(types, "xml", "application/xml");
+ yaz_mime_types_add(types, "css", "text/css");
+ yaz_mime_types_add(types, "html", "text/html");
+ yaz_mime_types_add(types, "htm", "text/html");
+ yaz_mime_types_add(types, "txt", "text/plain");
+ yaz_mime_types_add(types, "js", "application/x-javascript");
+
+ yaz_mime_types_add(types, "gif", "image/gif");
+ yaz_mime_types_add(types, "png", "image/png");
+ yaz_mime_types_add(types, "jpg", "image/jpeg");
+ yaz_mime_types_add(types, "jpeg", "image/jpeg");
+
+ ctype = yaz_mime_lookup_fname(types, hreq->path);
+ if (!ctype)
+ {
+ yaz_log(YLOG_LOG, "No mime type for %s", hreq->path+1);
+ p = z_get_HTTP_Response(o, 404);
+ }
+ else
+ {
+ p = z_get_HTTP_Response(o, 200);
+ hres = p->u.HTTP_Response;
+ hres->content_buf = content_buf;
+ hres->content_len = content_size;
+ z_HTTP_header_add(o, &hres->headers, "Content-Type", ctype);
+ }
+ yaz_mime_types_destroy(types);
+ }
+ }