diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 9d2ddd3f6e51985e93856f9dfaf4abdb7082fc11..2b238bc88e263240a2a42e9eb3e83a05fe548a44 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -210,7 +210,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
   end
 
   def resolve_thread(status)
-    return unless status.reply? && status.thread.nil?
+    return unless status.reply? && status.thread.nil? && Request.valid_url?(in_reply_to_uri)
     ThreadResolveWorker.perform_async(status.id, in_reply_to_uri)
   end
 
diff --git a/app/lib/ostatus/activity/creation.rb b/app/lib/ostatus/activity/creation.rb
index 8f8c700521525204b6a568df71ce4543ac06b0f8..3840c8fbfed5b6507419ca5d8d4f07ae902ad66f 100644
--- a/app/lib/ostatus/activity/creation.rb
+++ b/app/lib/ostatus/activity/creation.rb
@@ -57,7 +57,7 @@ class OStatus::Activity::Creation < OStatus::Activity::Base
       save_emojis(status)
     end
 
-    if thread? && status.thread.nil?
+    if thread? && status.thread.nil? && Request.valid_url?(thread.second)
       Rails.logger.debug "Trying to attach #{status.id} (#{id}) to #{thread.first}"
       ThreadResolveWorker.perform_async(status.id, thread.second)
     end
diff --git a/app/lib/request.rb b/app/lib/request.rb
index 4a81773e3544846fa032cf88595a00713a5bf742..ef4aeaf29018ebfab1797f8ee33a2a37b1826e19 100644
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@@ -66,6 +66,18 @@ class Request
     (@account ? @headers.merge('Signature' => signature) : @headers).without(REQUEST_TARGET)
   end
 
+  class << self
+    def valid_url?(url)
+      begin
+        parsed_url = Addressable::URI.parse(url)
+      rescue Addressable::URI::InvalidURIError
+        return false
+      end
+
+      %w(http https).include?(parsed_url.scheme) && parsed_url.host.present?
+    end
+  end
+
   private
 
   def set_common_headers!