Wrong fonts content-type when UiPassword is enabled

Step 1: Please describe your environment

ZeroNet version: 0.7.0 r4059
Operating system: Arch Linux
Web browser: Firefox 66
Tor status: enabled
Opened port: yes
Special configuration:

Step 2: Describe the problem:

When UiPassword is enabled, some files, fonts are sent with Content-Type: text/html; charset=utf-8, getContentType doesn't get called on them. Also Access-Control-Allow-Origin header is missing.

Steps to reproduce:

Open site http://127.0.0.1:43110/14c5LUN73J7KKMznp9LvZWkxpZFWgE1sDz/ with UiPassword disabled.
Content-type of http://127.0.0.1:43110/14c5LUN73J7KKMznp9LvZWkxpZFWgE1sDz/fonts/material-icons/MaterialIcons-Regular.woff2 is application/octet-stream.
Enable UiPassword and reload site.
Content-type of http://127.0.0.1:43110/14c5LUN73J7KKMznp9LvZWkxpZFWgE1sDz/fonts/material-icons/MaterialIcons-Regular.woff2 is text/html; charset=utf-8 and browser blocks request because Access-Control-Allow-Origin header is missing.

Observed Results:

Fonts fail to load because of wrong content-type and missing Access-Control-Allow-Origin header. I added print('getContentType called: file_name={}, content_type={}'.format(file_name, content_type)) to getContentType and this is what I got: UiPassword disabled:

getContentType called: file_name=index.html, content_type=text/html getContentType called: file_name=all.css, content_type=text/css getContentType called: file_name=all.css, content_type=text/css getContentType called: file_name=all.js, content_type=application/javascript getContentType called: file_name=logo-white.png, content_type=image/png getContentType called: file_name=index.html, content_type=text/html getContentType called: file_name=fonts/material-icons/material-icons.css, content_type=text/css getContentType called: file_name=material-icons.css, content_type=text/css getContentType called: file_name=css/main.css, content_type=text/css getContentType called: file_name=main.css, content_type=text/css getContentType called: file_name=css/asciinema-player.css, content_type=text/css getContentType called: file_name=asciinema-player.css, content_type=text/css getContentType called: file_name=js/asciinema-player.js, content_type=application/javascript getContentType called: file_name=asciinema-player.js, content_type=application/javascript getContentType called: file_name=js/all.js, content_type=application/javascript getContentType called: file_name=all.js, content_type=application/javascript getContentType called: file_name=fonts/material-icons/materialicons-regular.woff2, content_type=application/octet-stream getContentType called: file_name=materialicons-regular.woff2, content_type=application/octet-stream

UiPassword enabled:

getContentType called: file_name=index.html, content_type=text/html getContentType called: file_name=all.css, content_type=text/css getContentType called: file_name=all.css, content_type=text/css getContentType called: file_name=all.js, content_type=application/javascript getContentType called: file_name=logo-white.png, content_type=image/png getContentType called: file_name=index.html, content_type=text/html getContentType called: file_name=css/main.css, content_type=text/css getContentType called: file_name=main.css, content_type=text/css getContentType called: file_name=fonts/material-icons/material-icons.css, content_type=text/css getContentType called: file_name=material-icons.css, content_type=text/css getContentType called: file_name=css/asciinema-player.css, content_type=text/css getContentType called: file_name=asciinema-player.css, content_type=text/css getContentType called: file_name=js/asciinema-player.js, content_type=application/javascript getContentType called: file_name=asciinema-player.js, content_type=application/javascript getContentType called: file_name=js/all.js, content_type=application/javascript getContentType called: file_name=all.js, content_type=application/javascript

Expected Results:

Zeronet sends fonts with right headers and browser loads them.

HelloZeroNet / ZeroNet