diff --git a/lib/Middleware/WOPIMiddleware.php b/lib/Middleware/WOPIMiddleware.php
index 4a3a350f48..2cfe5be3da 100644
--- a/lib/Middleware/WOPIMiddleware.php
+++ b/lib/Middleware/WOPIMiddleware.php
@@ -28,6 +28,7 @@
 namespace OCA\Richdocuments\Middleware;
 
 use OCA\Richdocuments\AppInfo\Application;
+use OCA\Richdocuments\Controller\AssetsController;
 use OCA\Richdocuments\Controller\WopiController;
 use OCA\Richdocuments\Db\WopiMapper;
 use OCA\Richdocuments\Helper;
@@ -61,7 +62,11 @@ public function __construct(IConfig $config, IRequest $request, WopiMapper $wopi
 	public function beforeController($controller, $methodName) {
 		parent::beforeController($controller, $methodName);
 
-		if ($controller instanceof WopiController && !$this->isWOPIAllowed()) {
+		// Check controllers that are only supposed to be called by Collabora directly
+		// FIXME: This can be moved to a PHP attribute in the future
+		$isRestrictedController = $controller instanceof WopiController
+			|| ($controller instanceof AssetsController && $methodName === 'get');
+		if ($isRestrictedController && !$this->isWOPIAllowed()) {
 			throw new NotPermittedException();
 		}