diff --git a/combo/utils/signature.py b/combo/utils/signature.py
index bf6c5556..dd6ec309 100644
--- a/combo/utils/signature.py
+++ b/combo/utils/signature.py
@@ -76,9 +76,9 @@ def check_query(query, keys, known_nonce=None, timedelta=30):
 if not ('signature' in parsed and 'algo' in parsed and 'timestamp' in parsed and 'nonce' in parsed):
 return False
- unsigned_query, end_of_query = query.split('&signature=', 1)
- if '&' in end_of_query: # nothing after signature
- return False
+ unsigned_query, signature_content = query.split('&signature=', 1)
+ if '&' in signature_content:
+ return False # signature must be the last parameter
 signature = base64.b64decode(parsed['signature'][0])
 algo = parsed['algo'][0]
 timestamp = parsed['timestamp'][0]
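Review bot: The two-name unpacking of `query.split('&signature=', 1)` raises ValueError whenever the parsed query contains a `signature` key but not the literal substring `&signature=`, for instance when `signature` is the first parameter. A malformed request then surfaces as an unhandled exception instead of the `return False` used by the neighbouring checks. Using `unsigned_query, sep, signature_content = query.partition('&signature=')` followed by `if not sep or '&' in signature_content:` keeps the "signature must be last" rule and rejects that case cleanly. The `base64.b64decode(...)` call just below may also raise on a malformed value; check_query continues outside the hunk, so confirm whether that is caught further down or by the caller.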