diff --git a/app.rb b/app.rb
index b8501a6..6bd5136 100644
--- a/app.rb
+++ b/app.rb
@@ -2,6 +2,7 @@ require 'roda'
 require 'securerandom'
 require 'json'
 require 'sequel'
+require 'open-uri'
 
 class App < Roda
   plugin :sessions, secret: ENV.delete('APP_SESSION_SECRET')
@@ -60,6 +61,14 @@ class App < Roda
           return {message: "invalid url parameter"}.to_json
         end
 
+        begin
+          OpenURI.open_uri(url)
+        rescue URI::BadURIError
+          response.status = 400
+          return {message: "invalid url parameter"}.to_json
+        end
+
+
         if links.filter(:url => url).first.nil?
           code = SecureRandom.urlsafe_base64 4
           links.insert(url: url, code: code)