diff --git a/app/class/Controllermedia.php b/app/class/Controllermedia.php
index 41e87edf..a2380922 100644
--- a/app/class/Controllermedia.php
+++ b/app/class/Controllermedia.php
@@ -18,15 +18,13 @@ class Controllermedia extends Controller
 public function __construct(AltoRouter $router)
 {
 parent::__construct($router);
- $this->mediamanager = new Modelmedia();
-
- $this->mediaopt = new Mediaopt($_GET);
-
 if ($this->user->isvisitor()) {
 http_response_code(401);
 $this->showtemplate('connect', ['route' => 'media']);
 exit;
 }
+ $this->mediamanager = new Modelmedia();
+ $this->mediaopt = new Mediaopt($_GET);
 }
@@ -99,15 +97,15 @@ public function upload()
 $fontfacer = new Servicefont($this->mediamanager);
 $fontfacer->writecss();
 }
- $this->redirect($this->generate('media') . '?path=/' . $target);
+ $this->redirect($this->generate('media') . $_POST['route']);
 } catch (RuntimeException $e) {
 Model::sendflashmessage($e->getMessage(), Model::FLASH_ERROR);
 }
 }
 } else {
- Model::sendflashmessage("acces denied", Model::FLASH_ERROR);
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
- $this->routedirect('media');
 }
 public function urlupload()
@@ -121,9 +119,10 @@ public function urlupload()
 Model::sendflashmessage('Error while uploading : ' . $e->getMessage(), Model::FLASH_ERROR);
 }
 }
- $this->redirect($this->generate('media') . '?path=/' . $target);
+ $this->redirect($this->generate('media') . $_POST['route']);
 } else {
- $this->routedirect('home');
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
 }
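Review bot: In the upload hunk the failure path no longer ends in a redirect: the only `$this->redirect(...)` sits inside the `try`, and the removed trailing `$this->routedirect('media');` was what handled the `catch (RuntimeException $e)` branch and the inner-condition-false branch, so those now fall off the end of the method with a flash message queued but no response rendered (unless `sendflashmessage` itself ends the request, which this diff does not show). Move the redirect after the try/catch the way urlupload does: keep `} catch (RuntimeException $e) { Model::sendflashmessage($e->getMessage(), Model::FLASH_ERROR); }` and follow it with `$this->redirect($this->generate('media') . $_POST['route']);`. While there, `$_POST['route']` is spliced raw onto the generated route: a missing key raises an undefined-array-key warning, and nothing checks that it starts with `?`, so a client can choose any path suffix under the media route; as far as this diff shows that cannot leave the origin, but rebuilding the target with `parse_str`/`routedirect('media', [], $query)` as folderadd does would keep the redirect confined to the media route's query string. upload's outer `if` starts before this hunk.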
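Review bot: In the urlupload hunk the new redirect line concatenates `$_POST['route']` onto the generated media route without checking that it exists or starts with `?`; a request without the hidden field emits an undefined-array-key warning and redirects to the bare route, and any other value becomes a client-chosen suffix of the redirect path. Replace it with the query-rebuilding form used in folderadd so the Location header is always a regenerated `media` route: `parse_str(ltrim($_POST['route'] ?? '', '?'), $query);` then `$this->routedirect('media', [], $query);`. The permission `if` that this `else` belongs to starts before the hunk.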
@@ -136,30 +135,33 @@ public function folderadd()
 $name = 'new-folder';
 }
 $this->mediamanager->adddir($dir, $name);
- $this->redirect($this->generate('media') . '?path=/' . $dir . $name);
+ parse_str(ltrim($_POST['route'], '?'), $route);
+ $route['path'] = $dir . $name;
+ $this->routedirect('media', [], $route);
 }
- $this->routedirect('home');
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
 public function folderdelete()
 {
- if (isset($_POST['dir'])) {
- if (isset($_POST['deletefolder']) && intval($_POST['deletefolder']) && $this->user->issupereditor()) {
+ if ($this->user->issupereditor()) {
+ if (isset($_POST['deletefolder']) && intval($_POST['deletefolder']) && isset($_POST['dir'])) {
 try {
 if ($this->mediamanager->deletedir($_POST['dir'])) {
 Model::sendflashmessage('Deletion successfull', Model::FLASH_SUCCESS);
 } else {
- Model::sendflashmessage('Deletion failed');
+ Model::sendflashmessage('Deletion failed', Model::FLASH_ERROR);
 }
 } catch (Forbiddenexception $e) {
 Model::sendflashmessage('Deletion failed: ' . $e->getMessage(), Model::FLASH_ERROR);
 }
- } else {
- $this->redirect($this->generate('media') . '?path=/' . $_POST['dir']);
- exit;
 }
+ $this->redirect($this->generate('media') . $_POST['route']);
+ } else {
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
- $this->redirect($this->generate('media'));
 }
 public function edit()
@@ -183,8 +185,11 @@ public function edit()
 Model::sendflashmessage('Error while updating fonts CSS : ' . $e->getMessage());
 }
 }
+ $this->redirect($this->generate('media') . $_POST['route']);
+ } else {
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
- $this->redirect($this->generate('media') . $_POST['route']);
 }
 public function rename()
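Review bot: folderadd and folderdelete build their redirect two different ways inside the same hunk: folderadd rebuilds the query with `parse_str(ltrim($_POST['route'], '?'), $route)` and `routedirect`, while folderdelete splices `$_POST['route']` straight onto `$this->generate('media')`; the second form treats the posted string as trusted URL text and is the one to drop. Both read `$_POST['route']` unguarded, so a form without the hidden field produces an undefined-array-key warning and, in folderadd, passes null to `ltrim` (deprecated since PHP 8.1); use `$_POST['route'] ?? ''`. The keys `parse_str` recovers are client-controlled, so if `routedirect` forwards them verbatim it may be worth keeping only `path`, `filter` and `sort` — hedged, since routedirect is not in this diff. The directory containment itself is left to `deletedir`'s Forbiddenexception, which matches the Modelmedia docblock further down.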
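Review bot: The redirect added in the edit hunk uses `$_POST['route']` as the raw tail of the Location target, with no default and no check that it is a `?`-prefixed query; a missing field triggers an undefined-array-key warning and any other value becomes part of the redirect path. A minimal guard is `$this->redirect($this->generate('media') . ($_POST['route'] ?? $this->mediaopt->getpathadress()));`, or better the `parse_str`/`routedirect` form used by folderadd. The `if` that the new `else` closes starts before this hunk.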
@@ -207,8 +212,11 @@ public function rename()
 } catch (RuntimeException $e) {
 Model::sendflashmessage($e->getMessage(), Model::FLASH_ERROR);
 }
+ $this->redirect($this->generate('media') . $_POST['route']);
+ } else {
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
- $this->redirect($this->generate('media') . $_POST['route']);
 }
 /**
@@ -227,9 +235,10 @@ public function fontface()
 Model::FLASH_ERROR
 );
 }
+ $this->redirect($this->generate("media", [], $this->mediaopt->getpathadress()));
 } else {
- Model::sendflashmessage("Access denied", Model::FLASH_ERROR);
+ http_response_code(403);
+ $this->showtemplate('forbidden');
 }
- $this->redirect($this->generate("media", [], $this->mediaopt->getpathadress()));
 }
 }
diff --git a/app/class/Mediaopt.php b/app/class/Mediaopt.php
index 30abc693..eb528637 100644
--- a/app/class/Mediaopt.php
+++ b/app/class/Mediaopt.php
@@ -52,6 +52,12 @@ public function getsortbyadress(string $sortby): string
 return '?' . urldecode(http_build_query($query));
 }
+ /**
+ * Give the GET params to be used for redirection. Using hidden input under the `route` name.
+ *
+ * @param string $path Media path to display. Default is the current path.
+ * @return string URL-encoded path, filter and sort parameters, startiting with a `?`
+ */
 public function getpathadress(string $path = null): string
 {
 $path = is_null($path) ? $this->path : "/$path";
diff --git a/app/class/Modelmedia.php b/app/class/Modelmedia.php
index fdc73600..83c1df13 100644
--- a/app/class/Modelmedia.php
+++ b/app/class/Modelmedia.php
@@ -279,6 +279,8 @@ public function adddir($dir, $name)
 * @return bool depending on operation success
 *
 * @throws Forbiddenexception If the directory is not inside `/media` folder
+ *
+ * @todo return void and throw exception in case of failure
 */
 public function deletedir(string $dir): bool
 {
diff --git a/app/view/templates/media.php b/app/view/templates/media.php
index fa34debb..9ce135c6 100644
--- a/app/view/templates/media.php
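Review bot: Style point on the rename hunk: `$this->redirect($this->generate('media') . $_POST['route']);` followed by the same 403 `else` now appears verbatim in upload, urlupload, folderdelete, edit and rename, and fontface does the equivalent through `$this->mediaopt->getpathadress()`. A private helper such as `private function redirecttoroute(): void` that reads the posted `route` once (with a default and a `?` check) would give every handler a single place to validate the value and remove five copies. The outer `if`/`try` that this hunk's `else` belongs to starts before the hunk.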
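Review bot: The new docblock on getpathadress documents `@param string $path` although the signature `string $path = null` accepts null and the body tests `is_null($path)`; declare it `?string $path = null` and document `@param string|null $path`, since the implicit-nullable form is deprecated in PHP 8.4. The `@return` line also has a typo, `startiting` → `starting`. The method body continues past the end of the hunk.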
+++ b/app/view/templates/media.php
@@ -72,10 +72,10 @@