diff --git a/src/node/hooks/express/importexport.js b/src/node/hooks/express/importexport.js
index aeb6e3664..5e27e940e 100644
--- a/src/node/hooks/express/importexport.js
+++ b/src/node/hooks/express/importexport.js
@@ -3,6 +3,7 @@ var settings = require('../../utils/Settings');
 var exportHandler = require('../../handler/ExportHandler');
 var importHandler = require('../../handler/ImportHandler');
 var padManager = require("../../db/PadManager");
+var authorManager = require("../../db/AuthorManager");
 exports.expressCreateServer = function (hook_name, args, cb) {
@@ -47,6 +48,49 @@ exports.expressCreateServer = function (hook_name, args, cb) {
 return next();
 }
+ /*
+ * Starting from Etherpad 1.8.3 onwards, importing into a pad is allowed
+ * only if a user has his browser opened and connected to the pad (i.e. a
+ * Socket.IO session is estabilished for him) and he has already
+ * contributed to that specific pad.
+ *
+ * Note that this does not have anything to do with the "session", used
+ * for logging into "group pads". That kind of session is not needed here.
+ *
+ * This behaviour does not apply to API requests, only to /p/$PAD$/import
+ *
+ * See: https://github.com/ether/etherpad-lite/pull/3833#discussion_r407490205
+ */
+ if (!req.cookies) {
+ console.warn(`Unable to import file into "${req.params.pad}". No cookies included in request`);
+ return next();
+ }
+
+ if (!req.cookies.token) {
+ console.warn(`Unable to import file into "${req.params.pad}". No token in the cookies`);
+ return next();
+ }
+
+ let author = await authorManager.getAuthor4Token(req.cookies.token);
+ // author is of the form: "a.g2droBYw1prY7HW9"
+ if (!author) {
+ console.warn(`Unable to import file into "${req.params.pad}". No Author found for token ${req.cookies.token}`);
+
+ return next();
+ }
+
+ let authorsPads = await authorManager.listPadsOfAuthor(author);
+ if (!authorsPads) {
+ console.warn(`Unable to import file into "${req.params.pad}". Author "${author}" exists but he never contributed to any pad`);
+ return next();
+ }
+
+ let authorsPadIDs = authorsPads.padIDs;
+ if (authorsPadIDs.indexOf(req.params.pad) === -1) {
+ console.warn(`Unable to import file into "${req.params.pad}". Author "${author}" exists but he never contributed to this pad`);
+ return next();
+ }
+
 importHandler.doImport(req, res, req.params.pad);
 }
 });
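Review bot: The warning in the `if (!author)` branch writes `req.cookies.token` to the log, and that cookie is the value this same check uses to identify the author, so a credential ends up readable by anyone with access to the logs. Log the failure without the value, e.g. `console.warn(`Unable to import file into "${req.params.pad}". No Author found for the supplied token`);`. The two `await` calls (`getAuthor4Token`, `listPadsOfAuthor`) have no error handling in the visible lines; the route handler starts outside this hunk, so whether a rejection is caught elsewhere cannot be confirmed here. If it is not, wrap the lookups in `try`/`catch` and forward the error with `next(err)` so a database failure is not left as an unanswered request. `req.params.pad` comes from the URL and is interpolated into every warning, so it is worth stripping control characters before logging it.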