diff --git a/CyberCP/secMiddleware.py b/CyberCP/secMiddleware.py
index 5183a9569..563e99858 100644
--- a/CyberCP/secMiddleware.py
+++ b/CyberCP/secMiddleware.py
@@ -19,6 +19,9 @@ class secMiddleware:
 pass
 else:
 continue
+
+ if request.build_absolute_uri().find('filemanager') > -1:
+ continue
 if key == 'emailMessage' or key == 'configData' or key == 'rewriteRules' or key == 'modSecRules' or key == 'recordContentTXT' or key == 'SecAuditLogRelevantStatus' or key == 'fileContent':
 continue
 if value.find(';') > -1 or value.find('&&') > -1 or value.find('|') > -1 or value.find('...') > -1:
diff --git a/filemanager/filemanager.py b/filemanager/filemanager.py
index d26aa8598..cea0145d3 100644
--- a/filemanager/filemanager.py
+++ b/filemanager/filemanager.py
@@ -6,6 +6,7 @@ from plogical.processUtilities import ProcessUtilities
 from websiteFunctions.models import Websites
 from random import randint
 from django.core.files.storage import FileSystemStorage
+import HTMLParser
 class FileManager:
 def __init__(self, request, data):
@@ -19,6 +20,8 @@ class FileManager:
 return HttpResponse(final_json)
 def returnPathEnclosed(self, path):
+ htmlParser = HTMLParser.HTMLParser()
+ path = htmlParser.unescape(path)
 return "'" + path + "'"
 def changeOwner(self, path):
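Review bot: The new exemption in `secMiddleware` tests for the substring 'filemanager' anywhere in `request.build_absolute_uri()`, which spans host, path and query string, so it is not confined to the file manager's own routes; any POST whose URL merely contains that word skips the character checks that follow. Match on the path instead, for example `if request.path.startswith(FILEMANAGER_PREFIX): continue`, where FILEMANAGER_PREFIX is a placeholder for the app's real route prefix. The test does not depend on `key` or `value`, so it can be evaluated once rather than on every iteration. With the filter off for these requests, the file manager handlers have to validate and quote their inputs themselves. The enclosing method and its loop start outside the hunk.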
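Review bot: `returnPathEnclosed` still builds its result by plain concatenation, and the added `unescape` call can turn an entity-encoded quote back into a literal `'` before the path is wrapped, so the return value is no longer guaranteed to be one quoted token. If callers interpolate it into a shell command (presumably, given the `ProcessUtilities` import; the call sites are outside the diff), use the standard library quoting instead: `return pipes.quote(path)`, with `import pipes` next to the new `import HTMLParser`. This matters more now that the middleware hunk in the same commit stops filtering file manager requests. A one-line comment on why the path arrives HTML-escaped would also help the next reader.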