diff --git a/app/controllers/topics_controller.rb b/app/controllers/topics_controller.rb index 24402ca661e..bbc075ed78f 100644 --- a/app/controllers/topics_controller.rb +++ b/app/controllers/topics_controller.rb @@ -57,6 +57,11 @@ class TopicsController < ApplicationController redirect_to_correct_topic(topic, opts[:post_number]) && return end + page = params[:page].to_i + if (page - 1) * SiteSetting.posts_per_page > @topic_view.topic.highest_post_number + raise Discourse::NotFound + end + discourse_expires_in 1.minute redirect_to_correct_topic(@topic_view.topic, opts[:post_number]) && return if slugs_do_not_match || (!request.format.json? && params[:slug].nil?) diff --git a/spec/controllers/topics_controller_spec.rb b/spec/controllers/topics_controller_spec.rb index b67b458b087..f6a41444a95 100644 --- a/spec/controllers/topics_controller_spec.rb +++ b/spec/controllers/topics_controller_spec.rb @@ -573,6 +573,11 @@ describe TopicsController do response.should be_success end + it 'return 404 for an invalid page' do + xhr :get, :show, topic_id: topic.id, slug: topic.slug, page: 2 + response.code.should == "404" + end + it 'can find a topic given a slug in the id param' do xhr :get, :show, id: topic.slug expect(response).to redirect_to(topic.relative_url)