diff --git a/lib/gollum/app.rb b/lib/gollum/app.rb
index 88bc9ce2..e2caa6ec 100644
--- a/lib/gollum/app.rb
+++ b/lib/gollum/app.rb
@@ -152,11 +152,11 @@ module Precious
 end
 end
- get %r{/(edit|create)/(custom|mathjax\.config\.)\.(js|css)} do
+ get %r{/(edit|create)/(custom|mathjax\.config)\.(js|css)} do
 forbid('Changing this resource is not allowed.')
 end
- post %r{/(delete|rename|edit|create)/(custom|mathjax\.config\.)\.(js|css)} do
+ post %r{/(delete|rename|edit|create)/(custom|mathjax\.config)\.(js|css)} do
 forbid('Changing this resource is not allowed.')
 end
diff --git a/test/test_app.rb b/test/test_app.rb
index 6c89c485..e4832283 100644
--- a/test/test_app.rb
+++ b/test/test_app.rb
@@ -524,6 +524,8 @@ context "Frontend" do
 get "/gollum/#{route}/custom#{ext}"
 assert_equal 403, last_response.status, "get /gollum/#{route}/custom#{ext} -- #{last_response.inspect}"
 end
+ get "/gollum/#{route}/mathjax.config.js"
+ assert_equal 403, last_response.status, "get /gollum/#{route}/mathjax.config.js -- #{last_response.inspect}"
 end
 ['delete', 'rename', 'edit', 'create'].each do |route|
@@ -531,6 +533,8 @@ context "Frontend" do
 post "/gollum/#{route}/custom#{ext}"
 assert_equal 403, last_response.status, "post /gollum/#{route}/custom#{ext} -- #{last_response.inspect}"
 end
+ post "/gollum/#{route}/mathjax.config.js"
+ assert_equal 403, last_response.status, "post /gollum/#{route}/mathjax.config.js -- #{last_response.inspect}"
 end
 ['.css', '.js'].each do |ext|
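Review bot: Both deny routes in this hunk decide on the request path alone, so they protect `custom.js`, `custom.css` and `mathjax.config.js` only if every write carries the file name in the URL. If a rename target or a new page's name reaches the handlers as a form parameter (those handlers are outside the hunk, so this needs confirming), a request to a different route could still produce one of these files, and a name that differs only in letter case is not matched by the pattern either. I would enforce the name check at the point where the page is written and keep these routes as an early rejection, with a comment above them such as `# Early rejection only: these files can be loaded as site-wide JS/CSS, so the write path must refuse the same names.`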
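Review bot: The added assertions request only `mathjax.config.js`, while the route pattern also forbids `mathjax.config.css`, so part of what the regexp accepts stays untested; the same holds for the `post` assertions in the next hunk. Iterating over the full list, for example `%w[custom.js custom.css mathjax.config.js mathjax.config.css].each do |name|`, would exercise every forbidden name in one place. A negative case would help as well, asserting that a constructed ordinary name such as `mathjax.config.md` is not answered with 403, since the old pattern's stray `\.` went unnoticed precisely because no test requested the real file. The enclosing `each` blocks begin outside the hunk.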