diff --git a/internal/service/file.go b/internal/service/file.go
index 350f95f9..05bc4f14 100644
--- a/internal/service/file.go
+++ b/internal/service/file.go
@@ -179,6 +179,11 @@ func (s *FileService) Move(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if io.IsDir(req.Source) && strings.HasPrefix(req.Target, req.Source) {
+		Error(w, http.StatusForbidden, "你不能这样做，会玩坏的")
+		return
+	}
+
 	if err = io.Mv(req.Source, req.Target); err != nil {
 		Error(w, http.StatusInternalServerError, "%v", err)
 		return
@@ -199,6 +204,11 @@ func (s *FileService) Copy(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
+	if io.IsDir(req.Source) && strings.HasPrefix(req.Target, req.Source) {
+		Error(w, http.StatusForbidden, "你不能这样做，会玩坏的")
+		return
+	}
+
 	if err = io.Cp(req.Source, req.Target); err != nil {
 		Error(w, http.StatusInternalServerError, "%v", err)
 		return