diff --git a/src/Rtmp/RtmpSession.cpp b/src/Rtmp/RtmpSession.cpp
index c2e55863..d30eafaf 100644
--- a/src/Rtmp/RtmpSession.cpp
+++ b/src/Rtmp/RtmpSession.cpp
@@ -158,6 +158,12 @@ void RtmpSession::onCmd_publish(AMFDecoder &dec) {
         setSocketFlags();
     };
 
+    if(_mediaInfo._app.empty() || _mediaInfo._streamid.empty()){
+        //不允许莫名其妙的推流url
+        onRes("rtmp推流url非法", false, false, false);
+        return;
+    }
+
     Broadcast::PublishAuthInvoker invoker = [weakSelf,onRes,pToken](const string &err,bool enableRtxp,bool enableHls,bool enableMP4){
         auto strongSelf = weakSelf.lock();
         if(!strongSelf){
diff --git a/src/Rtsp/RtspSession.cpp b/src/Rtsp/RtspSession.cpp
index b2e8e088..c8f7e04e 100644
--- a/src/Rtsp/RtspSession.cpp
+++ b/src/Rtsp/RtspSession.cpp
@@ -240,6 +240,12 @@ void RtspSession::handleReq_ANNOUNCE(const Parser &parser) {
         _mediaInfo.parse(full_url);
     }
 
+    if(_mediaInfo._app.empty() || _mediaInfo._streamid.empty()){
+        //推流rtsp url必须最少两级(rtsp://host/app/stream_id)，不允许莫名其妙的推流url
+        sendRtspResponse("403 Forbidden", {"Content-Type", "text/plain"}, "rtsp推流url非法,最少确保两级rtsp url");
+        throw SockException(Err_shutdown,StrPrinter << "rtsp推流url非法:" << full_url);
+    }
+
     SdpParser sdpParser(parser.Content());
     _strSession = makeRandStr(12);
     _aTrackInfo = sdpParser.getAvailableTrack();