diff --git a/common b/common
index 793cf749dc5..d83c1d569e2 160000
--- a/common
+++ b/common
@@ -1 +1 @@
-Subproject commit 793cf749dc5435a7c5200170c431014ee1c674cd
+Subproject commit d83c1d569e2c4f2873a5542352f8b2db38d18d11
diff --git a/readthedocs/proxito/views/serve.py b/readthedocs/proxito/views/serve.py
index fe7cdeff889..af1ce2ad8c8 100644
--- a/readthedocs/proxito/views/serve.py
+++ b/readthedocs/proxito/views/serve.py
@@ -122,6 +122,9 @@ def get(self, request, path):
         and if the project is marked as spam.
         """
         unresolved_domain = request.unresolved_domain
+        # Protect against bad requests to API hosts that don't set this attribute.
+        if not unresolved_domain:
+            raise Http404
         # Handle requests that need canonicalizing first,
         # e.g. HTTP -> HTTPS, redirect to canonical domain, etc.
         # We run this here to reduce work we need to do on easily cached responses.
diff --git a/readthedocs/rtd_tests/tests/test_footer.py b/readthedocs/rtd_tests/tests/test_footer.py
index f4572de0308..13c0bfba97a 100644
--- a/readthedocs/rtd_tests/tests/test_footer.py
+++ b/readthedocs/rtd_tests/tests/test_footer.py
@@ -318,6 +318,12 @@ def test_not_built_versions(self):
         self.assertIn("/en/latest/", response.data["html"])
         self.assertNotIn("/en/2.0/", response.data["html"])
 
+    def test_invalid_footer_url(self):
+        # The built versions appears on the footer
+        self.url = reverse("footer_html") + "/invalid/url"
+        response = self.render()
+        self.assertEqual(response.status_code, 404)
+
 
 class TestFooterHTML(BaseTestFooterHTML, TestCase):
     pass