diff --git a/src/auth.rs b/src/auth.rs
index 065fd04..ab2cd7b 100644
--- a/src/auth.rs
+++ b/src/auth.rs
@@ -132,7 +132,12 @@ impl GuardType {
 }
 
 fn sanitize_path(path: &str, uri_prefix: &str) -> String {
-    encode_uri(&format!("{}{}", uri_prefix, path.trim_matches('/')))
+    let new_path = match (uri_prefix, path) {
+        ("/", "/") => "/".into(),
+        (_, "/") => uri_prefix.trim_end_matches('/').into(),
+        _ => format!("{}{}", uri_prefix, path.trim_matches('/')),
+    };
+    encode_uri(&new_path)
 }
 
 fn walk_path(path: &str) -> impl Iterator<Item = &str> {
diff --git a/tests/auth.rs b/tests/auth.rs
index fad9ecb..83afb22 100644
--- a/tests/auth.rs
+++ b/tests/auth.rs
@@ -121,3 +121,15 @@ fn auth_webdav_copy(
     assert_eq!(resp.status(), 403);
     Ok(())
 }
+
+#[rstest]
+fn auth_path_prefix(
+    #[with(&["--auth", "/@user:pass", "--path-prefix", "xyz", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}xyz/index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}