--- loncom/lonhttpd	2005/02/14 00:18:03	1.10
+++ loncom/lonhttpd	2007/04/11 21:37:24	1.13
@@ -1,5 +1,5 @@
 #!/usr/bin/perl
-# $Id: lonhttpd,v 1.10 2005/02/14 00:18:03 albertel Exp $
+# $Id: lonhttpd,v 1.13 2007/04/11 21:37:24 raeburn Exp $
 
 $VERSION = "1.3.2 (Demonic/Linux/LON-CAPA Derivative $Revison$)";
 
@@ -12,6 +12,7 @@ $VERSION = "1.3.2 (Demonic/Linux/LON-CAP
 
 use lib '/home/httpd/lib/perl/';
 use LONCAPA::Configuration();
+use Apache::lonnet;
 %loncapavar=%{&LONCAPA::Configuration::read_conf('loncapa.conf')};
 $port_to_use=$loncapavar{'lonhttpdPort'};
 if (!defined($port_to_use)) {
@@ -51,7 +52,8 @@ if ($port_to_use eq '80') { die('Apache
 	 "mpeg" => "video/mpeg",
 	 "mpg" => "video/mpeg",
 	 "jpeg" => "image/jpeg",
-	 "jpg" => "image/jpeg");
+	 "jpg" => "image/jpeg",
+         "png" => "image/png");
 
 $logfile = "/home/httpd/perl/logs/lonhttpd.log";
 
@@ -348,12 +350,16 @@ while (<STDIN>) {
 	1 while $address =~ s#/\.(/|$)#\1#;
         1 while $address =~ s#/[^/]*/\.\.(/|$)#\1#;
 	1 while $address =~ s#^/\.\.(/|$)#\1#;
-	$fail = 0;
+	$fail = 1;
 #
 # Heavily customized for LON-CAPA
 #
 	$address=~s/\/+/\//g;
-	unless ($address=~/^\/(status|adm\/|res\/adm\/)/) { $fail=1; }
+        if ($address=~/^\/(status|adm\/|res\/adm\/)/) {
+            $fail = 0;
+        } elsif (&Apache::lonnet::is_domainimage($address)) {
+            $fail = 0;
+        }
 #
 # because existing restriction matrix would not do precedence across rules
 #