diff --git a/playwright/e2e-examples/e2e-tests/server/index.js b/playwright/e2e-examples/e2e-tests/server/index.js
index a0e50722..3df475c6 100644
--- a/playwright/e2e-examples/e2e-tests/server/index.js
+++ b/playwright/e2e-examples/e2e-tests/server/index.js
@@ -31,6 +31,12 @@ class Server {
         break;
 
       default:
+    if (path.normalize(decodeURI(req.url)) !== decodeURI(req.url)) {
+        res.statusCode = 403;
+        res.end();
+        return;
+    }
+    
         const localFilePath = path.join(__dirname, 'assets', req.url === '/' ? 'index.html' : req.url);
         function shouldServe() {
           try {