diff --git a/goon/code/datums/browserOutput.dm b/goon/code/datums/browserOutput.dm
index d928397728..a6cabcba87 100644
--- a/goon/code/datums/browserOutput.dm
+++ b/goon/code/datums/browserOutput.dm
@@ -2,6 +2,9 @@
 For the main html chat area
 *********************************/
+#define BICON_X_MAX 96
+#define BICON_Y_MAX 96
+
 //Precaching a bunch of shit
 GLOBAL_DATUM_INIT(iconCache, /savefile, new("data/iconCache.sav")) //Cache of icons for the browser output
@@ -188,6 +191,10 @@ GLOBAL_LIST_EMPTY(bicon_cache)
 /proc/icon2base64(icon/icon, iconKey = "misc")
 if (!isicon(icon))
 return FALSE
+ //DOS exploit
+ if(icon.Width() > BICON_X_MAX || icon.Length() > BICON_Y_MAX)
+ return FALSE
+ //
 GLOB.iconCache[iconKey] << icon
 var/iconData = GLOB.iconCache.ExportText(iconKey)
 var/list/partial = splittext(iconData, "{")
@@ -286,4 +293,4 @@ GLOBAL_LIST_EMPTY(bicon_cache)
 return M.current.client
 /datum/log //exists purely to capture to_chat() output
- var/log = ""
\ No newline at end of file
+ var/log = ""
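Review bot: BICON_X_MAX and BICON_Y_MAX are added without a comment giving their unit or what they bound, and nothing visible in this diff undefines them at the end of the file. A line such as `// Largest icon size, in pixels, that icon2base64 will cache and encode` above the pair would tie them to the guard added further down. If the rest of the file follows the usual file-local define convention, a matching `#undef` for each belongs at the bottom.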
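Review bot: The height bound in the added guard calls `icon.Length()`, and as far as I know the /icon datum exposes `Height()` next to `Width()` rather than `Length()`, so the Y limit is probably not enforced as intended, or the line does not compile. The check should read `if(icon.Width() > BICON_X_MAX || icon.Height() > BICON_Y_MAX)`. The `//DOS exploit` comment would be clearer as `// Refuse oversized icons so one call cannot force an expensive cache write and export`. The guard bounds pixel dimensions only; whether the number of icon states or frames also needs a cap cannot be told from this hunk. icon2base64's body continues outside the hunk.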