From 8c74255cbb051ddd24e3bbc8b9fc83bc6f6db68e Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Mon, 22 Sep 2014 17:08:11 +1000
Subject: [PATCH] FIX: 404 if we try to navigate to a non-existant page

---
 app/controllers/topics_controller.rb       | 5 +++++
 spec/controllers/topics_controller_spec.rb | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/app/controllers/topics_controller.rb b/app/controllers/topics_controller.rb
index 24402ca66..bbc075ed7 100644
--- a/app/controllers/topics_controller.rb
+++ b/app/controllers/topics_controller.rb
@@ -57,6 +57,11 @@ class TopicsController < ApplicationController
       redirect_to_correct_topic(topic, opts[:post_number]) && return
     end
 
+    page = params[:page].to_i
+    if (page - 1) * SiteSetting.posts_per_page > @topic_view.topic.highest_post_number
+      raise Discourse::NotFound
+    end
+
     discourse_expires_in 1.minute
 
     redirect_to_correct_topic(@topic_view.topic, opts[:post_number]) && return if slugs_do_not_match || (!request.format.json? && params[:slug].nil?)
diff --git a/spec/controllers/topics_controller_spec.rb b/spec/controllers/topics_controller_spec.rb
index b67b458b0..f6a41444a 100644
--- a/spec/controllers/topics_controller_spec.rb
+++ b/spec/controllers/topics_controller_spec.rb
@@ -573,6 +573,11 @@ describe TopicsController do
       response.should be_success
     end
 
+    it 'return 404 for an invalid page' do
+      xhr :get, :show, topic_id: topic.id, slug: topic.slug, page: 2
+      response.code.should == "404"
+    end
+
     it 'can find a topic given a slug in the id param' do
       xhr :get, :show, id: topic.slug
       expect(response).to redirect_to(topic.relative_url)