Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditor.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditor.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditor.java	(revision 1537)
@@ -215,5 +215,5 @@
 	 */
 	public String createHtml() {
-		StringBuilder strEditor = new StringBuilder();
+		StringBuffer strEditor = new StringBuffer();
 
 		strEditor.append("<div>");
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditorConfig.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditorConfig.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/FCKeditorConfig.java	(revision 1537)
@@ -58,5 +58,5 @@
 	 */
 	public String getUrlParams() {
-		StringBuilder osParams = new StringBuilder();
+		StringBuffer osParams = new StringBuffer();
 		try {
 			for (Map.Entry<String, String> entry : this.entrySet()) {
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/connector/ConnectorServlet.java	(revision 1537)
@@ -407,7 +407,7 @@
 			final String currentFolderString, final HttpServletRequest request) {
 		StringWriter retval = new StringWriter();
-		retval.append(ConfigurationHandler.getUserFilesPath(request));
-		retval.append(fileType.getPath());
-		retval.append(currentFolderString);
+		retval.write(ConfigurationHandler.getUserFilesPath(request));
+		retval.write(fileType.getPath());
+		retval.write(currentFolderString);
 		return replaceAll(retval.toString(), "//", "/");
 	}
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/UploadResponse.java	(revision 1537)
@@ -153,5 +153,5 @@
 	@Override
 	public String toString() {
-		StringBuilder sb = new StringBuilder(75);
+		StringBuffer sb = new StringBuffer(75);
 		sb.append("<script type=\"text/javascript\">\n");
 		sb.append("window.parent.OnUploadCompleted(");
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/Utils.java	(revision 1537)
@@ -117,5 +117,5 @@
 		if (string.indexOf(search) == -1)
 			return string;
-		StringBuilder strb = new StringBuilder(string);
+		StringBuffer strb = new StringBuffer(string);
 		int pos = strb.indexOf(search);
 
@@ -162,12 +162,9 @@
 		if (!path.endsWith("/"))
 			return false;
-
-		if (isEmpty(FilenameUtils.normalize(path)))
+		
+		if (!path.equals(FilenameUtils.separatorsToUnix(FilenameUtils
+				.normalize(path))))
 			return false;
-		if (path.contains("/..") || path.contains("../"))
-			return false;
-		if (path.contains("./") || path.contains("/."))
-			return false;
-
+		
 		return true;
 	}
Index: /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/XHtmlTagTool.java
===================================================================
--- /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/XHtmlTagTool.java	(revision 1536)
+++ /FCKeditor.Java/branches/2.4/src/main/java/net/fckeditor/tool/XHtmlTagTool.java	(revision 1537)
@@ -94,5 +94,5 @@
 	@Override
 	public String toString() {
-		StringBuilder tag = new StringBuilder();
+		StringBuffer tag = new StringBuffer();
 
 		// open tag