diff --git a/combo/public/views.py b/combo/public/views.py
index 04091e46..c314501e 100644
--- a/combo/public/views.py
+++ b/combo/public/views.py
@@ -27,7 +27,7 @@ from django.core import signing
 from django.core.exceptions import ObjectDoesNotExist, PermissionDenied
 from django.db import transaction
 from django.http import (Http404, HttpResponse, HttpResponseRedirect,
-        HttpResponsePermanentRedirect)
+        HttpResponsePermanentRedirect, HttpResponseBadRequest)
 from django.shortcuts import render, resolve_url
 from django.template import engines
 from django.template.loader import get_template, TemplateDoesNotExist
@@ -142,7 +142,10 @@ def render_cell(request, cell):
         'absolute_uri': request.build_absolute_uri
     }
     if request.GET.get('ctx'):
-        context.update(signing.loads(request.GET['ctx']))
+        try:
+            context.update(signing.loads(request.GET['ctx']))
+        except signing.BadSignature:
+            return HttpResponseBadRequest('bad signature')
     modify_global_context(request, context)
 
     if cell.page_id: