diff --git a/modules/content_management/class/class_content_manager_tools_Abstract.php b/modules/content_management/class/class_content_manager_tools_Abstract.php
index 098657b12a5786d36ed299f19bc759ca311ba3c2..3af521affe05bb9d195b2eaf9587ffcc529595fe 100755
--- a/modules/content_management/class/class_content_manager_tools_Abstract.php
+++ b/modules/content_management/class/class_content_manager_tools_Abstract.php
@@ -599,7 +599,8 @@ abstract class content_management_tools_Abstract
 $_SESSION['cm_applet'][$_SESSION['user']['UserId']] = [];
 $_SESSION['cm_applet'][$_SESSION['user']['UserId']][$uid_applet_name]=$uid_applet_name.'.lck';
- $file = "{$jar_url}rest/jnlp?fileName={$jnlp_name}";
+ $pathUrl = trim($jar_url, '/');
+ $file = "{$pathUrl}/rest/jnlp?fileName={$jnlp_name}";
 //echo '<a id="jnlp_file" href="'.$file.'" onclick="window.location.href=\''.$file.'\';self.close();"></a>';
 echo '<script>window.location.href=\''.$file.'\';if($(\'CMApplet\')) {destroyModal(\'CMApplet\');};if($(\'CMApplet\')) {destroyModal(\'CMApplet\');};</script>';
diff --git a/src/core/controllers/CoreController.php b/src/core/controllers/CoreController.php
index 5bd442bc1c459cbcc08575f4d97595cdea463dd1..67d419c57c42819143e6e704b59f0d1c83ff992e 100644
--- a/src/core/controllers/CoreController.php
+++ b/src/core/controllers/CoreController.php
@@ -77,7 +77,7 @@ class CoreController
 if (explode('.', $data['fileName'])[1] != 'jnlp') {
 return $response->withStatus(403)->withJson(['errors' => 'File extension forbidden']);
- } elseif (strpos($data['fileName'], "{$GLOBALS['userId']}_maarchCM_")) {
+ } elseif (strpos($data['fileName'], "{$GLOBALS['userId']}_maarchCM_") === false) {
 return $response->withStatus(403)->withJson(['errors' => 'File name forbidden']);
 }
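Review bot: `trim($jar_url, '/')` on the first added line strips leading slashes as well as trailing ones, so a root-relative base such as `/app/` would turn into `app/rest/jnlp…` and resolve against the current page rather than the site root; `rtrim($jar_url, '/')` is what the change appears to intend. The second added line still places `$jnlp_name` in the query string unencoded, and `$file` is then written into a single-quoted JavaScript string by the `echo '<script>…'` context line, so a quote or `&` in either value (their origin is outside the hunk) would break the redirect or leave the string context. I would build the URL as `$file = rtrim($jar_url, '/') . '/rest/jnlp?fileName=' . rawurlencode($jnlp_name);` and emit it with `json_encode($file, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)` in place of the hand-written `\'…\'` quoting. The enclosing method starts and ends outside the hunk.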
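Review bot: The corrected condition `strpos(...) === false` only requires the `{userId}_maarchCM_` marker to appear somewhere in `fileName`, so a name that merely contains it, for example one with directory components in front or one generated for a user whose id ends with the caller's id, still passes the ownership check. If generated names always begin with the marker (the generator is outside this hunk, so confirm), anchor the test and reject path components: `} elseif (strpos($data['fileName'], "{$GLOBALS['userId']}_maarchCM_") !== 0 || basename($data['fileName']) !== $data['fileName']) {`. The extension test on the context line above is loose in the same way, since `explode('.', …)[1]` inspects only the second dot-separated segment and compares with `!=`; `pathinfo($data['fileName'], PATHINFO_EXTENSION) !== 'jnlp'` checks the real suffix and also handles a name with no dot. The enclosing method starts and ends outside the hunk, so how `fileName` is used after these guards should be reviewed alongside them.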