diff --git a/web/index.php b/web/index.php
index 5997edd..db303aa 100755
--- a/web/index.php
+++ b/web/index.php
@@ -30,7 +30,12 @@ switch ($url[0]) {
         }
         $ip = getUserIP();
 
-        $viewport = $_REQUEST['viewport'];
+        $viewport = $_REQUEST['viewport'] ?? '1024x768';
+        if (!preg_match('/^\d+x\d+$/', $viewport)) {
+            header('HTTP/1.0 400 Bad Request');
+            echo 'Invalid viewport format. Use WIDTHxHEIGHT (e.g., 1024x768)';
+            exit;
+        }
         $js = $_REQUEST['js'] == 'false' ? false : true;
 
         $serverUrl = 'http://localhost:4444';