diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index e97a38c1..11e2b359 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -69,6 +69,9 @@ class HttpCli(object):
                         continue
 
                     v = unescape_cookie(v)
+                    if v == "x":
+                        break
+
                     if not v in self.auth.iuser:
                         msg = u'bad_cpwd "{}"'.format(v)
                         nuke = u"Set-Cookie: cppwd=x; path=/; expires=Thu, 01 Jan 1970 00:00:00 GMT"
@@ -83,12 +86,16 @@ class HttpCli(object):
                 print(self.rvol)
                 print(self.wvol)
 
-            if mode == "GET":
-                self.handle_get()
-            elif mode == "POST":
-                self.handle_post()
-            else:
-                self.loud_reply(u'invalid HTTP mode "{0}"'.format(mode))
+            try:
+                if mode == "GET":
+                    self.handle_get()
+                elif mode == "POST":
+                    self.handle_post()
+                else:
+                    self.loud_reply(u'invalid HTTP mode "{0}"'.format(mode))
+
+            except Pebkac as ex:
+                self.loud_reply(str(ex))
 
     def panic(self, msg):
         self.log("client disconnected ({0})".format(msg).upper())
diff --git a/copyparty/util.py b/copyparty/util.py
index 7974a444..0a39009e 100644
--- a/copyparty/util.py
+++ b/copyparty/util.py
@@ -60,7 +60,7 @@ class MultipartParser(object):
                 if m.group(1).lower() == "multipart/mixed":
                     # rfc-7578 overrides rfc-2388 so this is not-impl
                     # (opera >=9 <11.10 is the only thing i've ever seen use it)
-                    raise Exception(
+                    raise Pebkac(
                         "you can't use that browser to upload multiple files at once"
                     )