diff --git a/rpc/http.go b/rpc/http.go
index 4143e2a8dc03e48cecddf4bf5ea0929846102d79..3f572b34c0d991f1dcddc1edd5ad5d491208c105 100644
--- a/rpc/http.go
+++ b/rpc/http.go
@@ -23,6 +23,7 @@ import (
 	"fmt"
 	"io"
 	"io/ioutil"
+	"mime"
 	"net"
 	"net/http"
 	"sync"
@@ -151,6 +152,16 @@ func (srv *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 			http.StatusRequestEntityTooLarge)
 		return
 	}
+
+	ct := r.Header.Get("content-type")
+	mt, _, err := mime.ParseMediaType(ct)
+	if err != nil || mt != "application/json" {
+		http.Error(w,
+			"invalid content type, only application/json is supported",
+			http.StatusUnsupportedMediaType)
+		return
+	}
+
 	w.Header().Set("content-type", "application/json")
 
 	// create a codec that reads direct from the request body until