diff --git a/lib/WebGUI/Session/Url.pm b/lib/WebGUI/Session/Url.pm
index 7eef20ec5..03cc7e3ad 100644
--- a/lib/WebGUI/Session/Url.pm
+++ b/lib/WebGUI/Session/Url.pm
@@ -516,7 +516,7 @@ sub unescape {
 =head2 urlize ( string )
 Returns a url that is safe for WebGUI pages. Strings are lower-cased, run through
-$self->makeCompliant and then have any trailing slashes removed.
+$self->makeCompliant and then have any relative segments and trailing slashes removed.
 =head3 string
@@ -525,17 +525,17 @@ The string to urlize.
 =cut
 sub urlize {
- my $self = shift;
- my ($value);
- $value = lc(shift); #lower cases whole string
- $value = $self->makeCompliant($value);
+ my $self = shift;
+ my ($value);
+ $value = lc(shift); #lower cases whole string
+ $value = $self->makeCompliant($value);
 # remove /./ or /../
- $value =~ s{(^|/)\.\.?/}{$1};
+ $value =~ s{(^|/)(?:\.\.?/)*}{$1}g;
 # remove trailing slashes
- $value =~ s/\/$//;
- return $value;
+ $value =~ s/\/$//;
+ return $value;
 }
diff --git a/t/Session/Url.t b/t/Session/Url.t
index c1145a434..c7bb41551 100644
--- a/t/Session/Url.t
+++ b/t/Session/Url.t
@@ -52,7 +52,7 @@ my @getRefererUrlTests = (
 use Test::More;
 use Test::MockObject::Extends;
-plan tests => 76 + scalar(@getRefererUrlTests);
+plan tests => 81 + scalar(@getRefererUrlTests);
 my $session = WebGUI::Test->session;
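Review bot: The new pattern `s{(^|/)(?:\.\.?/)*}{$1}g` in urlize only strips a `.` or `..` segment that is followed by a `/`, so a relative segment at the very end of the string (`home/..`, `home/.`) survives, and the later `s/\/$//` does not touch it either; the POD now promises that "any relative segments" are removed, which this does not deliver. Accepting the end of string as a terminator closes the gap and lets the existing trailing-slash step clean up the leftover `/`: `$value =~ s{(^|/)(?:\.\.?(?:/|\z))*}{$1}g;`. The comment above it, `# remove /./ or /../`, should then read `# remove ./ and ../ segments, including a final one`. Note also that the first four and last two lines of the sub appear to change only in indentation, which hides the one-line behavioural fix in the diff.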
@@ -359,8 +359,13 @@ is($unEscapedString, '10% is enough!', 'unescape method');
 #######################################
 is($session->url->urlize('HOME/PATH1'), 'home/path1', 'urlize: urls are lower cased');
-is($session->url->urlize('home/'), 'home', 'urlize: trailing slashes removed');
-is($session->url->urlize('home is where the heart is'), 'home-is-where-the-heart-is', 'urlize: makeCompliant translates spaces to dashes');
+is($session->url->urlize('home/'), 'home', '... trailing slashes removed');
+is($session->url->urlize('home is where the heart is'), 'home-is-where-the-heart-is', '... makeCompliant translates spaces to dashes');
+is($session->url->urlize('/home'), 'home', '... removes initial slash');
+is($session->url->urlize('home/../out-of-bounds'), 'home/out-of-bounds', '... removes multiple ../');
+is($session->url->urlize('home/./here'), 'home/here', '... removes multiple ./');
+is($session->url->urlize('home/../../out-of-bounds'), 'home/out-of-bounds', '... removes multiple ../');
+is($session->url->urlize('home/././here'), 'home/here', '... removes multiple ./');
 #######################################
 #
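Review bot: Two pairs of the added tests share one description, `'... removes multiple ../'` and `'... removes multiple ./'`, so a failure of the single-segment case (`home/../out-of-bounds`, `home/./here`) is indistinguishable from the multi-segment one in TAP output; name them `'... removes a single ../'` and `'... removes a single ./'`. The set also has no case for a relative segment at the end of the string, which the new urlize pattern (it requires a `/` after each `.`/`..`) does not strip; adding `is($session->url->urlize('home/..'), 'home', '... removes a trailing ..');` would pin that behaviour once urlize handles it (it should fail against the pattern as committed). The `'/home'` → `'home'` expectation is not explained by anything in the urlize hunk, so it presumably relies on makeCompliant, which is outside this diff.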