diff --git a/application/controllers/api/frontend/v1/RouteInfo.php b/application/controllers/api/frontend/v1/RouteInfo.php
index f9b4df7f3..78db3ba2c 100644
--- a/application/controllers/api/frontend/v1/RouteInfo.php
+++ b/application/controllers/api/frontend/v1/RouteInfo.php
@@ -35,7 +35,7 @@ class RouteInfo extends FHCAPI_Controller
 {
 $payload = json_decode($this->input->raw_input_stream);
- if (isset($payload->app) && isset($payload->path))
+ if (isset($payload->app) && isset($payload->path) && $this->isValidApp($payload->app) && $this->isValidPath($payload->path))
 {
 $this->WebservicelogModel->insert(array(
 'webservicetyp_kurzbz' => 'content',
@@ -47,4 +47,14 @@ class RouteInfo extends FHCAPI_Controller
 }
 $this->terminateWithSuccess(true);
 }
+
+ protected function isValidApp($app)
+ {
+ return preg_match("/^[A-Za-z0-9\-_]+$/", $app);
+ }
+
+ protected function isValidPath($path)
+ {
+ return preg_match("/^[\/A-Za-z0-9_.\-~?%=&;]+$/", $path);
+ }
 }
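Review bot: The new condition in the first hunk passes `$payload->app` and `$payload->path` straight into preg_match() without checking they are strings, but `isset()` is also true when the JSON client sends an array, object or number for these keys, and on PHP 8 preg_match() then throws a TypeError (on PHP 7 it emits a warning and returns false/null), so a malformed body can turn a logging endpoint into an uncaught error. Add a type check ahead of the validators: `&& is_string($payload->app) && is_string($payload->path)`. Note also that when validation fails the request still falls through to `terminateWithSuccess(true)`, which is presumably the intended best-effort behaviour for a log call but is worth a one-line comment since the caller gets no signal that nothing was logged. The enclosing method begins above the hunk.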
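Review bot: Both patterns in isValidApp() and isValidPath() anchor with `$` but have no `D` modifier, and in PCRE `$` also matches just before a trailing newline, so `"myapp\n"` is accepted by isValidApp() even though newline is outside the character class; anchor with `\z` or append `D` to the modifiers, e.g. `return preg_match("/^[A-Za-z0-9\-_]+\\z/", $app) === 1;`. The `=== 1` also turns the `int|false` return of preg_match() into a real boolean so a PCRE error (false) is rejected rather than relied on by implicit conversion, and lets the methods carry a `: bool` return type. The path pattern permits `.` and `/` freely, so `..` segments pass; in the visible hunks the value is only written to the webservice log, so that is acceptable here but should be documented in a short docblock on isValidPath() so nobody reuses it as a filesystem or routing guard.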