diff --git a/packages/convict/src/main.js b/packages/convict/src/main.js
index 459b504..2474998 100644
--- a/packages/convict/src/main.js
+++ b/packages/convict/src/main.js
@@ -12,7 +12,7 @@ const cloneDeep = require('lodash.clonedeep')
 // Forbidden key paths, for protection against prototype pollution
 const FORBIDDEN_KEY_PATHS = [
 '__proto__.',
- 'this.constructor.prototype.',
+ 'constructor.prototype.',
 ]
 
 const ALLOWED_OPTION_STRICT = 'strict'
diff --git a/packages/convict/test/prototype_pollution.test.js b/packages/convict/test/prototype_pollution.test.js
index 4578594..f3bf11e 100644
--- a/packages/convict/test/prototype_pollution.test.js
+++ b/packages/convict/test/prototype_pollution.test.js
@@ -30,10 +30,17 @@ describe('Convict prototype pollution resistance', function() {
 expect({}).not.toHaveProperty('nested.polluted_proto_nested')
 })
 
- test('against this.constructor.prototype', function() {
+ test('against constructor.prototype', function() {
 const obj = {}
 const config = convict(obj)
 
+ config.set('constructor.prototype.polluted_constructor_prototype_root', 'Polluted!')
+ expect({}).not.toHaveProperty('polluted_constructor_prototype_root')
+
+ config.set('constructor.prototype.nested.polluted_constructor_prototype_nested', 'Polluted!')
+ expect({}).not.toHaveProperty('nested')
+ expect({}).not.toHaveProperty('nested.polluted_constructor_prototype_nested')
+
 config.set('this.constructor.prototype.polluted_constructor_prototype_root', 'Polluted!')
 expect({}).not.toHaveProperty('polluted_constructor_prototype_root')
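Review bot: The comment above FORBIDDEN_KEY_PATHS does not say how the entries are matched, and the new `'constructor.prototype.'` entry only makes sense once that contract is written down: every entry ends in `.`, so a key path that stops exactly at `constructor.prototype` or `__proto__` (no child segment) is not covered by this list as written, and whether a denylist entry matches anywhere in a dotted path or only at its start decides whether a path like `a.constructor.prototype.x` is caught. The retained `this.constructor.prototype...` assertion in the updated test file suggests the match is not a plain `startsWith` on the whole path, but the matching code is outside this hunk, so that is an inference. I would replace the one-line comment with something like `// Dotted key-path fragments the setter refuses (prototype-pollution guard). Each entry ends in '.', so a path ending exactly at '__proto__' or 'constructor.prototype' is not matched here — confirm the setter handles that case and whether matching is by prefix or by substring.` and add a test in prototype_pollution.test.js covering the guard against a nested position and against the bare, dot-less path, so the list's shape is pinned by tests rather than by convention.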