diff --git a/editor/svg-editor.js b/editor/svg-editor.js
index a8cad76d..881936c9 100644
--- a/editor/svg-editor.js
+++ b/editor/svg-editor.js
@@ -537,6 +537,9 @@ TO-DOS
 			var extFunc = function() {
 				$.each(curConfig.extensions, function() {
 					var extname = this;
+					if (!extname.match(/^ext-.*\.js/)) { // Ensure URL cannot specify some other unintended file in the extPath
+						return;
+					}
 					$.getScript(curConfig.extPath + extname, function(d) {
 						// Fails locally in Chrome 5
 						if (!d) {