diff --git a/docker/nginx/default.conf b/docker/nginx/default.conf
index 602a07f89..f0804e77e 100644
--- a/docker/nginx/default.conf
+++ b/docker/nginx/default.conf
@@ -28,7 +28,7 @@ server {
         allow all;
     }
 
-    location =/api/ws {
+    location =/ws {
         proxy_http_version 1.1;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Real-PORT $remote_port;
diff --git a/resources/assets/js/functions/common.js b/resources/assets/js/functions/common.js
index d3b2ed3c3..8e77bfb41 100755
--- a/resources/assets/js/functions/common.js
+++ b/resources/assets/js/functions/common.js
@@ -216,10 +216,14 @@
                 return str;
             }
             if (window.systemInformation && typeof window.systemInformation.origin === "string") {
-                return window.systemInformation.origin + str;
+                str = window.systemInformation.origin + str;
             } else {
-                return window.location.origin + "/" + str;
+                str = window.location.origin + "/" + str;
             }
+            while (str.indexOf("/../") !== -1) {
+                str = str.replace(/\/(((?!\/).)*)\/\.\.\//, "/")
+            }
+            return str
         },
 
         /**
@@ -1558,4 +1562,4 @@
     });
 
     window.$A = $;
-})(window, require('jquery'));
+})(window, window.$ = window.jQuery = require('jquery'));
diff --git a/resources/assets/js/store/actions.js b/resources/assets/js/store/actions.js
index 81eec3022..a768a55c1 100644
--- a/resources/assets/js/store/actions.js
+++ b/resources/assets/js/store/actions.js
@@ -1423,7 +1423,7 @@ export default {
             return;
         }
         //
-        let url = state.method.apiUrl('ws');
+        let url = state.method.apiUrl('../ws');
         url = url.replace("https://", "wss://");
         url = url.replace("http://", "ws://");
         url += "?action=web&token=" + state.userToken;
diff --git a/resources/assets/js/store/state.js b/resources/assets/js/store/state.js
index 099aecb0a..13fa50c33 100644
--- a/resources/assets/js/store/state.js
+++ b/resources/assets/js/store/state.js
@@ -8,10 +8,14 @@ const method = {
             return str;
         }
         if (window.systemInformation && typeof window.systemInformation.apiUrl === "string") {
-            return window.systemInformation.apiUrl + str;
+            str = window.systemInformation.apiUrl + str;
         } else {
-            return window.location.origin + "/api/" + str;
+            str = window.location.origin + "/api/" + str;
         }
+        while (str.indexOf("/../") !== -1) {
+            str = str.replace(/\/(((?!\/).)*)\/\.\.\//, "/")
+        }
+        return str
     },
 
     date2string(params, format) {