The source project of this merge request has been removed.
bugfix: format: html for home roots
That's the only thing the controller handles meaningful. Before the route would also catch anything that started with a . interpreting it as a format string. This lead to lots of false positives in our security scanner.