app/Theming/ThemeController.php

<?php

namespace BookStack\Theming;

use BookStack\Facades\Theme;
use BookStack\Http\Controller;
use BookStack\Util\FilePathNormalizer;
use Symfony\Component\HttpFoundation\StreamedResponse;

class ThemeController extends Controller
{
    /**
     * Serve a public file from the configured theme.
     */
    public function publicFile(string $theme, string $path): StreamedResponse
    {
        $cleanPath = FilePathNormalizer::normalize($path);
        if ($theme !== Theme::getTheme() || !$cleanPath) {
            abort(404);
        }

        $filePath = Theme::findFirstFile("public/{$cleanPath}");
        if (!$filePath) {
            abort(404);
        }

        $response = $this->download()->streamedFileInline($filePath);
        $response->setMaxAge(86400);

        return $response;
    }
}
Themes: Added route to serve public theme files Allows files to be placed within a "public" folder within a theme directory which the contents of will served by BookStack for access. - Only "web safe" content-types are provided. - A static 1 day cache time it set on served files. For #3904 2025-01-13 14:30:53 +00:00			`<?php`

			`namespace BookStack\Theming;`

			`use BookStack\Facades\Theme;`
			`use BookStack\Http\Controller;`
			`use BookStack\Util\FilePathNormalizer;`
Theme System: Added initial module implementations 2026-02-01 11:53:46 +00:00			`use Symfony\Component\HttpFoundation\StreamedResponse;`
Themes: Added route to serve public theme files Allows files to be placed within a "public" folder within a theme directory which the contents of will served by BookStack for access. - Only "web safe" content-types are provided. - A static 1 day cache time it set on served files. For #3904 2025-01-13 14:30:53 +00:00
			`class ThemeController extends Controller`
			`{`
			`/**`
			`* Serve a public file from the configured theme.`
			`*/`
Theme System: Added initial module implementations 2026-02-01 11:53:46 +00:00			`public function publicFile(string $theme, string $path): StreamedResponse`
Themes: Added route to serve public theme files Allows files to be placed within a "public" folder within a theme directory which the contents of will served by BookStack for access. - Only "web safe" content-types are provided. - A static 1 day cache time it set on served files. For #3904 2025-01-13 14:30:53 +00:00			`{`
			`$cleanPath = FilePathNormalizer::normalize($path);`
			`if ($theme !== Theme::getTheme() \|\| !$cleanPath) {`
			`abort(404);`
			`}`

Theme System: Added initial module implementations 2026-02-01 11:53:46 +00:00			`$filePath = Theme::findFirstFile("public/{$cleanPath}");`
			`if (!$filePath) {`
Themes: Added route to serve public theme files Allows files to be placed within a "public" folder within a theme directory which the contents of will served by BookStack for access. - Only "web safe" content-types are provided. - A static 1 day cache time it set on served files. For #3904 2025-01-13 14:30:53 +00:00			`abort(404);`
			`}`

			`$response = $this->download()->streamedFileInline($filePath);`
			`$response->setMaxAge(86400);`

			`return $response;`
			`}`
			`}`