diff --git a/services/git-bridge/src/uk/ac/ic/wlgitbridge/application/AttsResourceHandler.java b/services/git-bridge/src/uk/ac/ic/wlgitbridge/application/AttsResourceHandler.java
index 25b1ef1a36..21e3a3e081 100644
--- a/services/git-bridge/src/uk/ac/ic/wlgitbridge/application/AttsResourceHandler.java
+++ b/services/git-bridge/src/uk/ac/ic/wlgitbridge/application/AttsResourceHandler.java
@@ -5,6 +5,7 @@ import org.eclipse.jetty.server.Request;
 import org.eclipse.jetty.server.handler.ResourceHandler;
 import org.eclipse.jetty.util.MultiMap;
 import uk.ac.ic.wlgitbridge.writelatex.WriteLatexAPI;
+import uk.ac.ic.wlgitbridge.writelatex.api.request.push.exception.InvalidPostbackKeyException;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -26,9 +27,18 @@ public class AttsResourceHandler extends ResourceHandler {
     public void handle(String target, Request baseRequest, HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
         HttpURI uri = baseRequest.getUri();
         System.out.println(baseRequest.getMethod() + " " + uri);
-        System.out.println(uri.getPath());
         MultiMap<String> multimap = new MultiMap<String>();
         uri.decodeQueryTo(multimap);
+        String[] pathSections = uri.getPath().split("/");
+        String key = multimap.getString("key");
+        if (key == null || pathSections.length < 2) {
+            throw new ServletException();
+        }
+        try {
+            writeLatexDataSource.checkPostbackKey(pathSections[1], key);
+        } catch (InvalidPostbackKeyException e) {
+            throw new ServletException();
+        }
         System.out.println(multimap);
 
         if (false) {