diff --git a/tds/src/main/java/thredds/util/TdsPathUtils.java b/tds/src/main/java/thredds/util/TdsPathUtils.java
index 52d6ded374..375c26931a 100644
--- a/tds/src/main/java/thredds/util/TdsPathUtils.java
+++ b/tds/src/main/java/thredds/util/TdsPathUtils.java
@@ -42,8 +42,8 @@ public static String extractPath(HttpServletRequest req, String removePrefix) {
     if (dataPath.startsWith("/"))
       dataPath = dataPath.substring(1);
 
-    if (dataPath.contains("..")) // LOOK what about escapes ??
-      throw new IllegalArgumentException("path cannot contain '..'");
+    if (dataPath.contains("../")) // LOOK what about escapes ??
+      throw new IllegalArgumentException("path cannot contain '../'");
 
     return dataPath;
   }