diff --git a/static/js/main.js b/static/js/main.js
index 3a484af..13658f8 100644
--- a/static/js/main.js
+++ b/static/js/main.js
@@ -13,7 +13,9 @@ function enableThemeToggle() {
     const iframe = document.querySelector('iframe.giscus-frame');
     if (iframe) iframe.contentWindow.postMessage({ giscus: { setConfig: { theme: `${location.origin}/giscus_${theme}.css` } } }, 'https://giscus.app');
   }
-  function initGiscusTheme() {
+  function initGiscusTheme(evt) {
+    if (evt.origin !== 'https://giscus.app') return;
+    if (!(typeof evt.data === 'object' && evt.data.giscus)) return;
     toggleGiscusTheme(sessionStorage.getItem("theme") || (preferDark.matches ? "dark" : "light"));
     window.removeEventListener('message', initGiscusTheme);
   }