diff --git a/system/src/Grav/Common/Session.php b/system/src/Grav/Common/Session.php
index 7c74392fc..dffc01650 100644
--- a/system/src/Grav/Common/Session.php
+++ b/system/src/Grav/Common/Session.php
@@ -40,7 +40,7 @@ class Session extends BaseSession
         $session_timeout = $config->get('system.session.timeout', 1800);
         $session_path = $config->get('system.session.path');
         if (!$session_path) {
-            $session_path = '/' . ltrim($base_url, '/');
+            $session_path = '/' . ltrim(Uri::filterPath($base_url), '/');
         }
 
         // Activate admin if we're inside the admin path.
diff --git a/system/src/Grav/Common/Uri.php b/system/src/Grav/Common/Uri.php
index a67b19217..56e425af2 100644
--- a/system/src/Grav/Common/Uri.php
+++ b/system/src/Grav/Common/Uri.php
@@ -985,7 +985,7 @@ class Uri
 
         // Handle route only
         if ($route_only) {
-            $url_path = str_replace($base_url, '', $url_path);
+            $url_path = str_replace(static::filter($base_url), '', $url_path);
         }
 
         // transform back to string/array as needed