diff --git a/authority/server/run.js b/authority/server/run.js
index 4aeaa8ea8eda1ac6d523ae0c0337de29f31a7697..1c24d5bfacf10ec75891688902ecc0d883cf0553 100644
--- a/authority/server/run.js
+++ b/authority/server/run.js
@@ -11,47 +11,49 @@ const STATIC_DIR = path.join(path.dirname(__dirname), "static");
 
 const COOKIE_SECRET = secrets.hydrateSecret('cookie_secret', __dirname);
 
-exports.handler = function(request, response, serveFile) {
-  // dispatch!
-  var urlpath = url.parse(request.url).pathname;
+exports.handler = function(request, response, next) {
+    // dispatch!
+    var urlpath = url.parse(request.url).pathname;
 
-  if (urlpath === '/sign_in') {
-    serveFile(path.join(STATIC_DIR, "dialog", "index.html"), response);
-  } else if (urlpath === '/register_iframe') {
-    serveFile(path.join(STATIC_DIR, "dialog", "register_iframe.html"), response);
-  } else if (/^\/wsapi\/\w+$/.test(urlpath)) {
-    try {
-      var method = path.basename(urlpath);
-      wsapi[method](request, response);
-    } catch(e) {
-      var errMsg = "oops, error executing wsapi method: " + method + " (" + e.toString() +")";
-      console.log(errMsg);
-      httputils.fourOhFour(response, errMsg);
-    }
-  } else if (/^\/users\/[^\/]+.xml$/.test(urlpath)) {
-    var identity = path.basename(urlpath).replace(/.xml$/, '').replace(/^acct:/, '');
+    if (urlpath === '/sign_in') {
+        // a little remapping!
+        request.url = "/dialog/index.html";
+        next();
+    } else if (urlpath === '/register_iframe') {
+        request.url = "/dialog/register_iframe.html";
+        next();
+    } else if (/^\/wsapi\/\w+$/.test(urlpath)) {
+        try {
+            var method = path.basename(urlpath);
+            wsapi[method](request, response);
+        } catch(e) {
+            var errMsg = "oops, error executing wsapi method: " + method + " (" + e.toString() +")";
+            console.log(errMsg);
+            httputils.fourOhFour(response, errMsg);
+        }
+    } else if (/^\/users\/[^\/]+.xml$/.test(urlpath)) {
+        var identity = path.basename(urlpath).replace(/.xml$/, '').replace(/^acct:/, '');
 
-    webfinger.renderUserPage(identity, function (resultDocument) {
-      if (resultDocument === undefined) {
-        httputils.fourOhFour(response, "I don't know anything about: " + identity + "\n");
-      } else {
-        httputils.xmlResponse(response, resultDocument);
-      }
-    });
-  } else if (urlpath === "/code_update") {
-    console.log("code updated.  shutting down.");
-    process.exit();
-  } else {
-    // node.js takes care of sanitizing the request path
-    serveFile(path.join(STATIC_DIR, urlpath), response);
-  }
+        webfinger.renderUserPage(identity, function (resultDocument) {
+            if (resultDocument === undefined) {
+                httputils.fourOhFour(response, "I don't know anything about: " + identity + "\n");
+            } else {
+                httputils.xmlResponse(response, resultDocument);
+            }
+        });
+    } else if (urlpath === "/code_update") {
+        console.log("code updated.  shutting down.");
+        process.exit();
+    } else {
+        next();
+    }
 };
 
 exports.setup = function(server) {
-  var week = (7 * 24 * 60 * 60 * 1000);
-  server.use(sessions({
-      secret: COOKIE_SECRET,
-      session_key: "browserid_state",
-      path: '/'
-  }));
+    var week = (7 * 24 * 60 * 60 * 1000);
+    server.use(sessions({
+        secret: COOKIE_SECRET,
+        session_key: "browserid_state",
+        path: '/'
+    }));
 }
diff --git a/authority/server/standalone.js b/authority/server/standalone.js
index 9486beea7d2ed378ec04db90f452aaf275748653..7563c90864caa847649855d7bdd1a4fd15283aa9 100644
--- a/authority/server/standalone.js
+++ b/authority/server/standalone.js
@@ -10,59 +10,17 @@ var PRIMARY_PORT = 62700;
 
 var handler = require("./run.js");
 
-function subHostNames(data) {
-    return data;
-}
-
-function serveFile(filename, response) {
-  path.exists(filename, function(exists) {
-    if(!exists) {
-      response.writeHead(404, {"Content-Type": "text/plain"});
-      response.write("404 Not Found");
-      response.end();
-      return;
-    }
-
-    fs.readFile(filename, "binary", function(err, data) {
-      if(err) {
-        response.writeHead(500, {"Content-Type": "text/plain"});
-        response.write(err + "\n");
-        response.end();
-        return;
-      }
-
-      var exts = {
-        ".js":   "text/javascript",
-        ".css":  "text/css",
-        ".html": "text/html",
-        ".webapp": "application/x-web-app-manifest+json",
-        ".png": "image/png",
-        ".ico": "image/x-icon"
-      };
-
-      var ext = path.extname(filename);
-      var mimeType = exts[ext] || "application/octet-stream";
-
-      data = subHostNames(data);
-
-      response.writeHead(200, {"Content-Type": mimeType});
-      response.write(data, "binary");
-      response.end();
-    });
-  });
-}
-
 var server = connect.createServer().use(connect.favicon())
     .use(connect.logger({
-        format: ":status :method :remote-addr :response-time :url",
         stream: fs.createWriteStream(path.join(__dirname, "server.log"))
     }));
 
-// let the specific server interact directly with the connect server to register their middleware 
+// let the specific server interact directly with the connect server to register their middleware
 if (handler.setup) handler.setup(server);
 
-server.use(function(req, resp, next) {
-    handler.handler(req, resp, serveFile, subHostNames);
-});
+server.use(handler.handler);
+
+// use the connect 'static' middleware for serving of static files (cache headers, HTTP range, etc)
+server.use(connect.static(path.join(path.dirname(__dirname), "static")));
 
 server.listen(PRIMARY_PORT, PRIMARY_HOST);