diff --git a/src/Site/SiteStorage.py b/src/Site/SiteStorage.py
index d901d5fa..6c9d48c1 100644
--- a/src/Site/SiteStorage.py
+++ b/src/Site/SiteStorage.py
@@ -362,7 +362,7 @@ class SiteStorage(object):
         if not inner_path:
             return self.directory
-        if ".." in inner_path:
+        if "../" in inner_path:
             raise Exception(u"File not allowed: %s" % inner_path)
         return u"%s/%s" % (self.directory, inner_path)
diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py
index 8c4c09dd..7fcc3c9e 100644
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@@ -526,7 +526,7 @@ class UiRequest(object):
         if path.endswith("/"):
             path = path + "index.html"
-        if ".." in path or "./" in path:
+        if "../" in path or "./" in path:
             raise SecurityError("Invalid path")
         match = re.match("/media/(?P
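Review bot: The relaxed test `"../" in inner_path` on the `+` line still lets a trailing parent-directory segment through — an inner_path whose last component is `..` contains no `../`, yet `u"%s/%s" % (self.directory, inner_path)` then resolves above `self.directory`, and a backslash-separated `..` is not caught either. The change presumably aims to permit `..` inside a file name; testing path components instead keeps that while closing the gap: `if ".." in inner_path.replace("\\", "/").split("/"):`. Stronger still is normalizing the joined path with `os.path.normpath` and verifying it remains under `self.directory`, if `os` is already imported in this module. The `UiRequest.py` hunk applies the same substring test to `path` and shares this weakness. The enclosing method's signature lies outside the hunk.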
[A-Za-z0-9]+[A-Za-z0-9\._-]+)(?P