diff --git a/server/lib/validators.ts b/server/lib/validators.ts
index ce677c9c..e33c9181 100644
--- a/server/lib/validators.ts
+++ b/server/lib/validators.ts
@@ -29,11 +29,6 @@ export function isValidUrlGlobPattern(pattern: string): boolean {
             return false;
         }
 
-        // If segment contains *, it must be exactly *
-        if (segment.includes("*") && segment !== "*") {
-            return false;
-        }
-
         // Check each character in the segment
         for (let j = 0; j < segment.length; j++) {
             const char = segment[j];
diff --git a/server/routers/badger/verifySession.ts b/server/routers/badger/verifySession.ts
index 35617f37..a652e014 100644
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@@ -534,7 +534,7 @@ async function checkRules(
     return;
 }
 
-function isPathAllowed(pattern: string, path: string): boolean {
+export function isPathAllowed(pattern: string, path: string): boolean {
     logger.debug(`\nMatching path "${path}" against pattern "${pattern}"`);
 
     // Normalize and split paths into segments
@@ -575,7 +575,7 @@ function isPathAllowed(pattern: string, path: string): boolean {
             return result;
         }
 
-        // For wildcards, try consuming different numbers of path segments
+        // For full segment wildcards, try consuming different numbers of path segments
         if (currentPatternPart === "*") {
             logger.debug(
                 `${indent}Found wildcard at pattern index ${patternIndex}`
@@ -607,6 +607,32 @@ function isPathAllowed(pattern: string, path: string): boolean {
             return false;
         }
 
+        // Check for in-segment wildcard (e.g., "prefix*" or "prefix*suffix")
+        if (currentPatternPart.includes("*")) {
+            logger.debug(
+                `${indent}Found in-segment wildcard in "${currentPatternPart}"`
+            );
+            
+            // Convert the pattern segment to a regex pattern
+            const regexPattern = currentPatternPart
+                .replace(/\*/g, ".*") // Replace * with .* for regex wildcard
+                .replace(/\?/g, "."); // Replace ? with . for single character wildcard if needed
+            
+            const regex = new RegExp(`^${regexPattern}$`);
+            
+            if (regex.test(currentPathPart)) {
+                logger.debug(
+                    `${indent}Segment with wildcard matches: "${currentPatternPart}" matches "${currentPathPart}"`
+                );
+                return matchSegments(patternIndex + 1, pathIndex + 1);
+            }
+            
+            logger.debug(
+                `${indent}Segment with wildcard mismatch: "${currentPatternPart}" doesn't match "${currentPathPart}"`
+            );
+            return false;
+        }
+
         // For regular segments, they must match exactly
         if (currentPatternPart !== currentPathPart) {
             logger.debug(
@@ -625,4 +651,4 @@ function isPathAllowed(pattern: string, path: string): boolean {
     const result = matchSegments(0, 0);
     logger.debug(`Final result: ${result}`);
     return result;
-}
+}
\ No newline at end of file