diff --git a/extensions/image-preview/media/main.js b/extensions/image-preview/media/main.js
index ca5d6c56e3a..984e586c0f6 100644
--- a/extensions/image-preview/media/main.js
+++ b/extensions/image-preview/media/main.js
@@ -319,6 +319,11 @@
 	});
 
 	window.addEventListener('message', e => {
+		if (e.origin !== window.origin) {
+			console.error('Dropping message from unknown origin in image preview');
+			return;
+		}
+
 		switch (e.data.type) {
 			case 'setScale':
 				updateScale(e.data.scale);