diff --git a/lib/node-static.js b/lib/node-static.js
index ebb748b..1823ef4 100644
--- a/lib/node-static.js
+++ b/lib/node-static.js
@@ -293,7 +293,7 @@ Server.prototype.stream = function (pathname, files, buffer, res, callback) {
         var file = files.shift();
 
         if (file) {
-            file = file[0] === '/' ? file : path.join(pathname || '.', file);
+            file = path.resolve(file) === path.normalize(file)  ? file : path.join(pathname || '.', file);
 
             // Stream the file to the client
             fs.createReadStream(file, {