diff --git a/api/js/etemplate/Et2Image/Et2Image.ts b/api/js/etemplate/Et2Image/Et2Image.ts
index 542dcf9825..602acc6f33 100644
--- a/api/js/etemplate/Et2Image/Et2Image.ts
+++ b/api/js/etemplate/Et2Image/Et2Image.ts
@@ -185,8 +185,8 @@ export class Et2Image extends Et2Widget(LitElement) implements et2_IDetachedDOM
 
         // our own svg images
         //only call unsafeHtml when we are inside /egroupware/
-        const ourSvg = url.match(/\/egroupware\/([^.]+)\.svg/);
-        if (ourSvg)
+        const ourSvg = url.startsWith(this.egw().webserverUrl + '/') //checks if source is trusted
+        if (ourSvg && url.match(/\/bi-.*\.svg/))
         {
             const svg = fetch(url)
                 .then(res => res.text()