diff --git a/services/web/app/coffee/Features/Authorization/AuthorizationManager.coffee b/services/web/app/coffee/Features/Authorization/AuthorizationManager.coffee
index ded0b6f979..90c8cdb485 100644
--- a/services/web/app/coffee/Features/Authorization/AuthorizationManager.coffee
+++ b/services/web/app/coffee/Features/Authorization/AuthorizationManager.coffee
@@ -4,6 +4,8 @@ User = require("../../models/User").User
 PrivilegeLevels = require("./PrivilegeLevels")
 PublicAccessLevels = require("./PublicAccessLevels")
 Errors = require("../Errors/Errors")
+ObjectId = require("mongojs").ObjectId
+
 
 module.exports = AuthorizationManager =
 	# Get the privilege level that the user has for the project
@@ -13,6 +15,8 @@ module.exports = AuthorizationManager =
 	#   * becausePublic: true if the access level is only because the project is public.
 	getPrivilegeLevelForProject: (user_id, project_id, callback = (error, privilegeLevel, becausePublic) ->) ->
 		getPublicAccessLevel = () ->
+			if !ObjectId.isValid(project_id)
+				return callback(new Error("invalid project id"))
 			Project.findOne { _id: project_id }, { publicAccesLevel: 1 }, (error, project) ->
 				return callback(error) if error?
 				if !project?
diff --git a/services/web/app/coffee/Features/Blog/BlogController.coffee b/services/web/app/coffee/Features/Blog/BlogController.coffee
index 0f0d9383c7..eb2b3fad94 100644
--- a/services/web/app/coffee/Features/Blog/BlogController.coffee
+++ b/services/web/app/coffee/Features/Blog/BlogController.coffee
@@ -10,7 +10,7 @@ module.exports = BlogController =
 		url = req.url?.toLowerCase()
 		blogUrl = "#{settings.apis.blog.url}#{url}"
 
-		extensionsToProxy = [".png", ".xml", ".jpeg", ".json", ".zip", ".eps", ".gif"]
+		extensionsToProxy = [".png", ".xml", ".jpeg", ".jpg", ".json", ".zip", ".eps", ".gif"]
 
 		shouldProxy = _.find extensionsToProxy, (extension)->
 			url.indexOf(extension) != -1
@@ -42,4 +42,4 @@ module.exports = BlogController =
 		upstream = request.get(originUrl)
 		upstream.on "error", (error) ->
 			logger.error err: error, "blog proxy error"
-		upstream.pipe res
\ No newline at end of file
+		upstream.pipe res
diff --git a/services/web/app/coffee/Features/FileStore/FileStoreHandler.coffee b/services/web/app/coffee/Features/FileStore/FileStoreHandler.coffee
index eb5c2cd03f..10545cca76 100644
--- a/services/web/app/coffee/Features/FileStore/FileStoreHandler.coffee
+++ b/services/web/app/coffee/Features/FileStore/FileStoreHandler.coffee
@@ -13,6 +13,9 @@ module.exports = FileStoreHandler =
 			if err?
 				logger.err err:err, project_id:project_id, file_id:file_id, fsPath:fsPath, "error stating file"
 				callback(err)
+			if !stat?
+				logger.err project_id:project_id, file_id:file_id, fsPath:fsPath, "stat is not available, can not check file from disk"
+				return callback(new Error("error getting stat, not available"))
 			if !stat.isFile()
 				logger.log project_id:project_id, file_id:file_id, fsPath:fsPath, "tried to upload symlink, not contining"
 				return callback(new Error("can not upload symlink"))
diff --git a/services/web/app/coffee/Features/Project/ProjectDuplicator.coffee b/services/web/app/coffee/Features/Project/ProjectDuplicator.coffee
index 6cae962b04..d945326395 100644
--- a/services/web/app/coffee/Features/Project/ProjectDuplicator.coffee
+++ b/services/web/app/coffee/Features/Project/ProjectDuplicator.coffee
@@ -15,9 +15,11 @@ module.exports = ProjectDuplicator =
 	_copyDocs: (newProject, originalRootDoc, originalFolder, desFolder, docContents, callback)->
 		setRootDoc = _.once (doc_id)->
 			projectEntityHandler.setRootDoc newProject._id, doc_id
-
-		jobs = originalFolder.docs.map (doc)->
+		docs = originalFolder.docs or []
+		jobs = docs.map (doc)->
 			return (cb)->
+				if !doc?._id?
+					return callback()
 				content = docContents[doc._id.toString()]
 				projectEntityHandler.addDocWithProject newProject, desFolder._id, doc.name, content.lines, (err, newDoc)->
 					if err?
@@ -30,7 +32,8 @@ module.exports = ProjectDuplicator =
 		async.series jobs, callback
 
 	_copyFiles: (newProject, originalProject_id, originalFolder, desFolder, callback)->
-		jobs = originalFolder.fileRefs.map (file)->
+		fileRefs = originalFolder.fileRefs or []
+		jobs = fileRefs.map (file)->
 			return (cb)->
 				projectEntityHandler.copyFileFromExistingProjectWithProject newProject, desFolder._id, originalProject_id, file, cb
 		async.parallelLimit jobs, 5, callback
@@ -40,10 +43,14 @@ module.exports = ProjectDuplicator =
 		ProjectGetter.getProject newProject_id, {rootFolder:true, name:true}, (err, newProject)->
 			if err?
 				logger.err project_id:newProject_id, "could not get project"
-				return cb(err)
+				return callback(err)
 
-			jobs = originalFolder.folders.map (childFolder)->
+			folders = originalFolder.folders or []
+
+			jobs = folders.map (childFolder)->
 				return (cb)->
+					if !childFolder?._id?
+						return cb()
 					projectEntityHandler.addFolderWithProject newProject, desFolder?._id, childFolder.name, (err, newFolder)->
 						return cb(err) if err?
 						ProjectDuplicator._copyFolderRecursivly newProject_id, originalProject_id, originalRootDoc, childFolder, newFolder, docContents, cb
diff --git a/services/web/app/coffee/Features/Project/ProjectLocator.coffee b/services/web/app/coffee/Features/Project/ProjectLocator.coffee
index 44f68123d6..62b495e5d2 100644
--- a/services/web/app/coffee/Features/Project/ProjectLocator.coffee
+++ b/services/web/app/coffee/Features/Project/ProjectLocator.coffee
@@ -26,6 +26,8 @@ module.exports = ProjectLocator =
 			element = _.find searchFolder[elementType], (el)-> el?._id+'' == element_id+'' #need to ToString both id's for robustness
 			if !element? && searchFolder.folders? && searchFolder.folders.length != 0
 				_.each searchFolder.folders, (folder, index)->
+					if !folder?
+						return
 					newPath = {}
 					newPath[key] = value for own key,value of path #make a value copy of the string
 					newPath.fileSystem += "/#{folder.name}"
diff --git a/services/web/public/coffee/ide/file-tree/FileTreeManager.coffee b/services/web/public/coffee/ide/file-tree/FileTreeManager.coffee
index c4ad4b30a4..dd6f813430 100644
--- a/services/web/public/coffee/ide/file-tree/FileTreeManager.coffee
+++ b/services/web/public/coffee/ide/file-tree/FileTreeManager.coffee
@@ -173,6 +173,8 @@ define [
 			@_findEntityByPathInFolder @$scope.rootFolder, path
 
 		_findEntityByPathInFolder: (folder, path) ->
+			if !path? or !folder?
+				return null
 			parts = path.split("/")
 			name = parts.shift()
 			rest = parts.join("/")
diff --git a/services/web/test/UnitTests/coffee/Authorization/AuthorizationManagerTests.coffee b/services/web/test/UnitTests/coffee/Authorization/AuthorizationManagerTests.coffee
index fcacce5164..b85449d7fd 100644
--- a/services/web/test/UnitTests/coffee/Authorization/AuthorizationManagerTests.coffee
+++ b/services/web/test/UnitTests/coffee/Authorization/AuthorizationManagerTests.coffee
@@ -136,7 +136,20 @@ describe "AuthorizationManager", ->
 			it "should return a NotFoundError", ->
 				@AuthorizationManager.getPrivilegeLevelForProject @user_id, @project_id, (error) ->
 					error.should.be.instanceof Errors.NotFoundError
-	
+
+		describe "when the project id is not validssssssss", ->
+			beforeEach ->
+				@AuthorizationManager.isUserSiteAdmin.withArgs(@user_id).yields(null, false)
+				@CollaboratorsHandler.getMemberIdPrivilegeLevel
+					.withArgs(@user_id, @project_id)
+					.yields(null, "readOnly")
+
+			it "should return a error", (done)->
+				@AuthorizationManager.getPrivilegeLevelForProject undefined, "not project id", (err) =>
+					@Project.findOne.called.should.equal false
+					expect(err).to.exist
+					done()
+
 	describe "canUserReadProject", ->
 		beforeEach ->
 			@AuthorizationManager.getPrivilegeLevelForProject = sinon.stub()
diff --git a/services/web/test/UnitTests/coffee/FileStore/FileStoreHandlerTests.coffee b/services/web/test/UnitTests/coffee/FileStore/FileStoreHandlerTests.coffee
index 7452c6fb79..01990787e1 100644
--- a/services/web/test/UnitTests/coffee/FileStore/FileStoreHandlerTests.coffee
+++ b/services/web/test/UnitTests/coffee/FileStore/FileStoreHandlerTests.coffee
@@ -96,6 +96,13 @@ describe "FileStoreHandler", ->
 					@fs.createReadStream.called.should.equal false
 					done()
 
+		describe "symlink", ->
+			it "should not read file stat returns nothing", (done)->
+				@fs.lstat = sinon.stub().callsArgWith(1, null, null)
+				@handler.uploadFileFromDisk @project_id, @file_id, @fsPath, =>
+					@fs.createReadStream.called.should.equal false
+					done()
+
 		describe "when upload fails", ->
 			beforeEach ->
 				@writeStream.on = (type, cb) ->
diff --git a/services/web/test/UnitTests/coffee/Project/ProjectDuplicatorTests.coffee b/services/web/test/UnitTests/coffee/Project/ProjectDuplicatorTests.coffee
index 7897ae47c8..a1101cfbe0 100644
--- a/services/web/test/UnitTests/coffee/Project/ProjectDuplicatorTests.coffee
+++ b/services/web/test/UnitTests/coffee/Project/ProjectDuplicatorTests.coffee
@@ -9,7 +9,7 @@ describe 'ProjectDuplicator', ->
 		@level2folder =
 			name: "level2folderName"
 			_id:"level2folderId"
-			docs:[@doc2 = {_id: "doc2_id", name:"level2folderDocName"}]
+			docs:[@doc2 = {_id: "doc2_id", name:"level2folderDocName"}, undefined]
 			folders:[]
 			fileRefs:[{name:"file2", _id:"file2"}]
 		@level1folder =
@@ -17,12 +17,12 @@ describe 'ProjectDuplicator', ->
 			_id:"level1folderId"
 			docs:[@doc1 = {_id: "doc1_id", name:"level1folderDocName"}]
 			folders:[@level2folder]
-			fileRefs:[{name:"file1", _id:"file1"}]
+			fileRefs:[{name:"file1", _id:"file1"}, null]
 		@rootFolder = 
 			name:"rootFolder"
 			_id:"rootFolderId"
 			docs:[@doc0 = {_id: "doc0_id", name:"rootDocHere"}]
-			folders:[@level1folder]
+			folders:[@level1folder, {}]
 			fileRefs:[{name:"file0", _id:"file0"}]
 		@project = 
 			_id: @old_project_id = "this_is_the_old_project_id"
@@ -117,7 +117,7 @@ describe 'ProjectDuplicator', ->
 			@projectOptionsHandler.setCompiler.calledWith(@stubbedNewProject._id, @project.compiler).should.equal true
 			done()
 	
-	it 'should use the same root docccccccc', (done)->
+	it 'should use the same root doc', (done)->
 		@entityHandler.addDocWithProject.callsArgWith(4, null, @rootFolder.docs[0])
 		@duplicator.duplicate @owner, @old_project_id, "", (err, newProject)=>
 			@entityHandler.setRootDoc.calledWith(@stubbedNewProject._id, @rootFolder.docs[0]._id).should.equal true
diff --git a/services/web/test/UnitTests/coffee/Project/ProjectLocatorTests.coffee b/services/web/test/UnitTests/coffee/Project/ProjectLocatorTests.coffee
index 1d982d90af..9257c2e83e 100644
--- a/services/web/test/UnitTests/coffee/Project/ProjectLocatorTests.coffee
+++ b/services/web/test/UnitTests/coffee/Project/ProjectLocatorTests.coffee
@@ -17,7 +17,7 @@ file1 = name:"file1", _id:"dsa9lkdsad"
 subSubFile = name:"subSubFile", _id:"d1d2dk"
 subSubDoc = name:"subdoc.txt", _id:"321dmdwi"
 secondSubFolder = name:"secondSubFolder", _id:"dsa3e23", docs:[subSubDoc], fileRefs:[subSubFile], folders:[]
-subFolder = name:"subFolder", _id:"dsadsa93", folders:[secondSubFolder], docs:[], fileRefs:[]
+subFolder = name:"subFolder", _id:"dsadsa93", folders:[secondSubFolder, null], docs:[], fileRefs:[]
 subFolder1 = name:"subFolder1", _id:"123asdjoij"
 
 rootFolder =