diff --git a/app/services/embedded_page_service.rb b/app/services/embedded_page_service.rb
index e088efad52b..f7dd6a2143a 100644
--- a/app/services/embedded_page_service.rb
+++ b/app/services/embedded_page_service.rb
@@ -68,12 +68,12 @@ def enterprise_slug
 end
 def current_referer
- return if @request.referer.blank?
-
- uri = URI(@request.referer)
- return if uri.host.blank?
+ uri = URI.parse(@request.referer)
+ return unless uri.is_a?(URI::HTTP) && uri.host.present?
 uri.host.downcase
+ rescue URI::InvalidURIError
+ false
 end
 def current_referer_without_www
diff --git a/spec/services/embedded_page_service_spec.rb b/spec/services/embedded_page_service_spec.rb
index 8a1a5efafa3..e6b8ef3749f 100644
--- a/spec/services/embedded_page_service_spec.rb
+++ b/spec/services/embedded_page_service_spec.rb
@@ -74,7 +74,7 @@ context "when the request's referer is malformed" do
 let(:request) {
 ActionController::TestRequest.new(
- { 'HTTP_HOST' => 'ofn-instance.com', 'HTTP_REFERER' => 'hello' }, nil, nil
+ { 'HTTP_HOST' => 'ofn-instance.com', 'HTTP_REFERER' => 'hello# 32' }, nil, nil
 )
 }
 before do
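Review bot: The two rejection paths in `current_referer` now return different values: the guard clause yields `nil`, while the new `rescue URI::InvalidURIError` branch yields `false`. With the blank check removed, a request that carries no Referer header appears to reach the rescue only because `URI.parse` rejects a non-string, so the most common case is handled by exception and returns `false` where it used to return `nil`. Callers such as `current_referer_without_www` (its body is outside the hunk) would misbehave on `false` if they rely on safe navigation or a `nil?` check. Since the Referer header is client-controlled and feeds an embedding decision, I would make every rejection return `nil` and keep the explicit guard: `return if @request.referer.blank?` before the parse and `nil` in the rescue.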
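Review bot: Replacing the fixture with `'hello# 32'` presumably moves this context onto the `URI::InvalidURIError` path, which leaves the previous case uncovered: a parseable value without a host, such as `'hello'`. The new `is_a?(URI::HTTP)` rejection of non-HTTP schemes has no example either. I would keep the old fixture in a sibling context and add one with a non-HTTP scheme, e.g. `'HTTP_REFERER' => 'ftp://ofn-instance.com'` (constructed sample), each asserting the same outcome as the malformed case. The context body continues outside the hunk, so the existing expectation is not visible here.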