diff --git a/_plugins/download-3rd-party.rb b/_plugins/download-3rd-party.rb
index 18b7c6ca6f07..12dd9ad7467a 100644
--- a/_plugins/download-3rd-party.rb
+++ b/_plugins/download-3rd-party.rb
@@ -7,6 +7,11 @@
   require 'uri'
 
   def download_file(url, dest)
+    # only try to download the file if url doesn't start with | for security reasons
+    if url.start_with?('|')
+      return
+    end
+
     # create the directory if it doesn't exist
     dir = File.dirname(dest)
     unless File.directory?(dir)
@@ -30,11 +35,16 @@ def download_file(url, dest)
   end
 
   def download_fonts(url, dest)
+    # only try to download the file if url doesn't start with | for security reasons
+    if url.start_with?('|')
+      return
+    end
+
     # only download fonts if the directory doesn't exist or is empty
     unless File.directory?(dest) && !Dir.empty?(dest)
       puts "Downloading fonts from #{url} to #{dest}"
       # get available fonts from the url
-      doc = Nokogiri::HTML(URI().open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}"))
+      doc = Nokogiri::HTML(URI.open(url, "User-Agent" => "Ruby/#{RUBY_VERSION}"))
       doc.css('a').each do |link|
         # get the file name from the url
         file_name = link['href'].split('/').last.split('?').first
@@ -49,6 +59,11 @@ def download_fonts(url, dest)
   end
 
   def download_fonts_from_css(config, url, dest)
+    # only try to download the file if url doesn't start with | for security reasons
+    if url.start_with?('|')
+      return
+    end
+
     # get the file name from the url
     file_name = url.split('/').last.split('?').first