diff --git a/lib/upload_security.rb b/lib/upload_security.rb
index 79e162734b7..039b03d158b 100644
--- a/lib/upload_security.rb
+++ b/lib/upload_security.rb
@@ -78,6 +78,7 @@ class UploadSecurity
 def based_on_regular_emoji?
 return false if @upload.origin.blank?
 uri = URI.parse(@upload.origin)
- Emoji.all.map(&:url).include?("#{uri.path}?#{uri.query}")
+ return true if Emoji.all.map(&:url).include?("#{uri.path}?#{uri.query}")
+ uri.path.include?("images/emoji")
 end
 end
diff --git a/spec/models/upload_spec.rb b/spec/models/upload_spec.rb
index 73ce096ba82..b2a19721526 100644
--- a/spec/models/upload_spec.rb
+++ b/spec/models/upload_spec.rb
@@ -438,6 +438,15 @@ describe Upload do
 upload.update!(secure: false, origin: "http://localhost:3000#{grinning.url}")
 expect { upload.update_secure_status }
 .not_to change { upload.secure }
+ expect(upload.reload.secure).to eq(false)
+ end
+
+ it 'does not mark any upload with origin containing images/emoji in the URL' do
+ SiteSetting.login_required = true
+ upload.update!(secure: false, origin: "http://localhost:3000/images/emoji/test.png")
+ expect { upload.update_secure_status }
+ .not_to change { upload.secure }
+ expect(upload.reload.secure).to eq(false)
 end
 end
 end
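Review bot: In `based_on_regular_emoji?` (lib/upload_security.rb), the added fallback `uri.path.include?("images/emoji")` is a substring match on the path of `@upload.origin` with no check on the host, so any origin whose path contains that string anywhere is treated as a regular emoji and, going by the accompanying spec, is left unmarked as secure. If the origin can be a user-supplied remote URL, an upload could be exempted from secure handling purely by the shape of its path. Consider anchoring the match and tying it to the site's own host, e.g. `uri.path.to_s.start_with?("/images/emoji/")` combined with a comparison of `uri.host` against the site's configured hostname (adjusting the prefix if the site can run under a sub-path). The `.to_s` also matters because `URI.parse` returns a nil `path` for opaque URIs such as `mailto:`, which the old string interpolation tolerated but `uri.path.include?` would turn into a `NoMethodError`.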
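Review bot: The new example in spec/models/upload_spec.rb only exercises a `localhost:3000` origin whose path begins with `/images/emoji/`, so it does not pin down what should happen for an external host or for a path that merely contains the string. Adding cases such as an origin on another host (constructed example: `"http://other.example/images/emoji/test.png"`) and one with the segment in the middle of the path would document whether those are meant to stay non-secure. The description would also read more clearly as `'does not mark any upload with origin containing images/emoji in the URL as secure'`. The enclosing `describe`/`context` blocks start outside the hunk.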