diff --git a/index.js b/index.js
index 98ac10c5a..eb48e2031 100755
--- a/index.js
+++ b/index.js
@@ -7387,9 +7387,13 @@ F.$requestcontinue = function(req, res, headers) {
 
 	// Stops path travelsation outside of "public" directory
 	// A potential security issue
-	if (req.uri.pathname.indexOf('./') !== -1) {
-		req.$total_status(404);
-		return;
+	for (var i = 0; i < req.uri.pathname.length; i++) {
+		var c = req.uri.pathname[i];
+		var n = req.uri.pathname[i + 1];
+		if ((c === '.' && n === '/') || (c === '%' && n === '2' && req.uri.pathname[i + 2] === 'e')) {
+			req.$total_status(404);
+			return;
+		}
 	}
 
 	F.stats.request.file++;
diff --git a/package.json b/package.json
index 6c6788e74..81aa2354b 100755
--- a/package.json
+++ b/package.json
@@ -99,7 +99,7 @@
 		"name": "Sarp Aykent",
 		"email": "shackhers@gmail.com"
 	}],
-	"version": "3.2.2",
+	"version": "3.2.3",
 	"homepage": "http://www.totaljs.com",
 	"bugs": {
 		"url": "https://github.com/totaljs/framework/issues",
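Review bot: The percent-encoded branch of the new loop compares `req.uri.pathname[i + 2] === 'e'` case-sensitively, but hex digits in percent-encoding are case-insensitive per RFC 3986, so the same escape written in upper case is not rejected, and any other encoded spelling of a dot or slash is likewise missed. Scanning the raw string for specific byte sequences is a blacklist; the robust mitigation is to decode the pathname once (`decodeURIComponent` throws on malformed sequences, so wrap it and answer 404 on failure) and then check the decoded value for `..` segments and backslashes, or better, resolve the final file path and verify it still lies under the public directory (the public-root variable is not visible in this hunk, so that last step is described rather than written). Two smaller points: the loop re-reads `req.uri.pathname` on every iteration, so it should be hoisted into a local, and the surrounding comment's "travelsation" should read "traversal". `F.$requestcontinue` begins and ends outside the hunk, so whether the pathname is decoded again later (which would matter for doubly-encoded input) cannot be confirmed from here.
```javascript
	// Stops path traversal outside of "public" directory
	// A potential security issue
	var pathname;
	try {
		pathname = decodeURIComponent(req.uri.pathname);
	} catch (e) {
		// Malformed percent-encoding can never name a valid public file
		req.$total_status(404);
		return;
	}
	if (pathname.indexOf('./') !== -1 || pathname.indexOf('..') !== -1 || pathname.indexOf('\\') !== -1) {
		req.$total_status(404);
		return;
	}
	// … unchanged: F.stats.request.file++ and the rest of $requestcontinue …
```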