diff --git a/var/www/pages/index.php b/var/www/pages/index.php
index 8bb5c33..87b7bd3 100644
--- a/var/www/pages/index.php
+++ b/var/www/pages/index.php
@@ -29,6 +29,7 @@ if ($request_url === "/") {
 ");
 }
+# Restrict allowed characters in request URI:
 if (preg_match("/^\/[a-zA-Z0-9_ +\-\/\.]+\$/", $request_url) != 1) {
 send_response(404, "invalid request URL");
 }
@@ -39,10 +40,12 @@ array_shift($parts); # remove empty first
 $owner = strtolower(array_shift($parts));
 $git_root = realpath("$git_prefix/$owner/pages.git");
+# Ensure that only files within the user's pages repository are accessed:
 if (substr($git_root, 0, strlen($git_prefix)) !== $git_prefix) {
 send_response(404, "this user/organization does not have codeberg pages");
 }
+# If URL ends on "/", last entry in array is empty. Remove it:
 if (end($parts) === "") {
 array_pop($parts);
 }
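Review bot: The new comment above the preg_match call overstates what the allowlist guarantees: the character class admits `.`, so a path segment consisting only of dots passes this filter, and containment inside the pages repository is enforced only by the realpath comparison later in the script. I would make that explicit so a future change to the later check is not made in the belief that the regex already handles it: `# Restrict allowed characters in request URI (note: "." is allowed, so path containment is enforced by the realpath check below):`. The `if ($request_url === "/")` block whose closing lines open this hunk starts outside the hunk.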
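Review bot: The containment check the new comment documents is a bare string-prefix comparison, so a resolved path that merely starts with the same bytes as `$git_prefix` (a sibling directory such as `<git_prefix>-other`, placeholder) would pass it; comparing against the prefix plus a directory separator closes that gap, and `realpath()` returning `false` for a missing repository should be rejected explicitly rather than relying on `substr(false, ...)` coercion, e.g. `$prefix = rtrim($git_prefix, '/') . '/';` and `if ($git_root === false || substr($git_root, 0, strlen($prefix)) !== $prefix) {`. The comparison is also only sound if `$git_prefix` is itself in canonical form (the output of `realpath()`, no trailing slash, no symlink components); its assignment is outside this hunk, so that is worth confirming. I would extend the comment to state both assumptions: `# Ensure that only files within the user's pages repository are accessed; assumes $git_prefix is canonical (realpath'd) and compares with a trailing "/" so sibling directories cannot match.`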