diff --git a/server/controllers/FileSystemController.js b/server/controllers/FileSystemController.js
index 4b0a94b39..41e082fd4 100644
--- a/server/controllers/FileSystemController.js
+++ b/server/controllers/FileSystemController.js
@@ -117,7 +117,7 @@ class FileSystemController {
 filepath = fileUtils.filePathToPOSIX(filepath)
 // Ensure filepath is inside library folder (prevents directory traversal)
- if (!filepath.startsWith(libraryFolder.path)) {
+ if (!fileUtils.isSameOrSubPath(libraryFolder.path, filepath)) {
 Logger.error(`[FileSystemController] Filepath is not inside library folder: ${filepath}`)
 return res.sendStatus(400)
 }
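Review bot: The guard on the changed `if` line now depends entirely on `fileUtils.isSameOrSubPath`, which is defined outside this hunk, and nothing here states whether it compares on path-segment boundaries after resolving `..` or whether symlinks under the library folder are followed. If the helper is purely lexical, a link inside the library folder that points elsewhere would still pass, so it is worth deciding whether this endpoint should compare real paths before it touches the filesystem. I would extend the comment above the check to state the contract, e.g. `// Segment-aware containment check; lexical only, does not resolve symlinks` (adjusted to what the helper actually does), and add a regression test using a sibling folder whose name has the library folder's name as a prefix. The enclosing method starts and ends outside the hunk.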