diff --git a/lib/remote_storage/rest_provider.rb b/lib/remote_storage/rest_provider.rb
index 7447c53..626e55c 100644
--- a/lib/remote_storage/rest_provider.rb
+++ b/lib/remote_storage/rest_provider.rb
@@ -506,5 +506,10 @@ def get_directory_listing_from_redis_via_lua(user, directory)
 items
 end
+ def validate_content_type(content_type)
+ # Do not try to perform the PUT request when the Content-Type does not
+ # look like a MIME type
+ server.halt 415 unless content_type.match(/^.+\/.+/i)
+ end
 end
 end
diff --git a/lib/remote_storage/s3.rb b/lib/remote_storage/s3.rb
index c852006..ff6ac59 100644
--- a/lib/remote_storage/s3.rb
+++ b/lib/remote_storage/s3.rb
@@ -16,6 +16,8 @@ def format_etag(etag)
 end
 def do_put_request(url, data, content_type)
+ validate_content_type(content_type)
+
 deal_with_unauthorized_requests do
 md5 = Digest::MD5.base64digest(data)
 authorization_headers = authorization_headers_for(
diff --git a/spec/shared_examples.rb b/spec/shared_examples.rb
index 9255f9c..4d53081 100644
--- a/spec/shared_examples.rb
+++ b/spec/shared_examples.rb
@@ -232,6 +232,16 @@ def storage_class
 _(last_response.body).must_equal "Precondition Failed"
 end
 end
+ describe "Content-Type" do
+ it "must be in the type/subtype format" do
+ header "Content-Type", "text"
+ put "/phil/food/invalid_content_type", "invalid", content_type: "text"
+ _(last_response.status).must_equal 415
+ end
+ end
 end
 end
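Review bot: The pattern in validate_content_type is looser than a reject-before-upload check should be: in Ruby `^` matches at the start of any line, there is no end anchor, and `.` accepts spaces and most control characters, so values such as `" /x"` or `"a\nb/c"` pass, while an absent header (`nil`, if a caller can pass one) raises NoMethodError instead of halting with 415. The `/i` flag is a no-op because the pattern contains no letters. A tighter, nil-safe form is `server.halt 415 unless content_type.to_s.match?(%r{\A\S+/\S+})`, which still admits parameters such as `text/plain; charset=utf-8`. If the header is forwarded verbatim to the storage backend (the S3 signing code is outside this hunk), rejecting whitespace also rules out CR/LF in the outbound header value.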
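Review bot: validate_content_type is invoked only from the S3 do_put_request, yet the new example lives in spec/shared_examples.rb, which the `def storage_class` context suggests is run against every backend; any other provider with its own do_put_request would fail the 415 example, or would keep accepting malformed headers if the example is not shared with it. Calling the check once from the common PUT path in rest_provider.rb (not visible here) would cover all backends in one place. The call is correctly placed before the MD5 digest and request signing, so a rejected header costs no work; a comment such as `# Halts with 415 before any S3 work when the Content-Type is not type/subtype` would make the new non-local exit visible to readers of this method. do_put_request continues past the end of the hunk.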
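Review bot: The example exercises only a value with no slash and asserts only the status; the boundaries the check is meant to enforce — a missing header, `text/` and `/plain` — are untested, and nothing confirms the object was not stored (a follow-up `get "/phil/food/invalid_content_type"` expecting 404 would). The `header "Content-Type", "text"` call and the `content_type: "text"` option target the same header; the explicit `header` call is the form Rack::Test documents, and whether the symbol option is honoured is not clear from here, so keeping one of them avoids a misleading double setup. A positive case such as `text/plain; charset=utf-8` would also guard against a stricter future pattern rejecting media-type parameters.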