-<!--
- docs.cgi
- Web-based text file viewer and formatter.
- Created by pjm2 19/10/2000
- Last modified 02/11/2000
--->
+# Prevent hackers from supplying a malformed document string.
+# I.e. only allow normal characters, slashes and dots.
+unless ($doc =~ /^[a-zA-Z_\-0-9\.\/]+$/) {
+ print "Malformed request.";
+ exit;
+}
+$doc = "../htdocs/documentation/".$doc;
+
+my($docname) = $doc =~ /\/([^\/]+)$/;
+
+print <<"END";
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">