diff --git a/apptax/taxonomie/routestmedias.py b/apptax/taxonomie/routestmedias.py
index 41771dd8..b3bc5a6d 100644
--- a/apptax/taxonomie/routestmedias.py
+++ b/apptax/taxonomie/routestmedias.py
@@ -3,6 +3,7 @@ from pathlib import Path
 import os
 from flask import json, Blueprint, request, current_app, send_file, abort
+from werkzeug.exceptions import Forbidden
 from .models import TMedias, BibTypesMedia
@@ -91,10 +92,15 @@ def getThumbnail_tmedias(id_media):
     height_params: str = params.get("h", None)
     width_params: str = params.get("w", None)
-    if width_params and width_params.isdigit():
+    if (width_params and not width_params.isdigit()) or (
+        height_params and not height_params.isdigit()
+    ):
+        raise Forbidden("Valeur de la hauteur ou largeur incorrecte: Un entier est attendu")
+
+    if width_params:
         size = (int(width_params), size[1])
-    if height_params and height_params.isdigit():
+    if height_params:
         size = (size[0], int(height_params))
     force = False
diff --git a/apptax/tests/test_media.py b/apptax/tests/test_media.py
index a93cda16..14a202a8 100644
--- a/apptax/tests/test_media.py
+++ b/apptax/tests/test_media.py
@@ -3,7 +3,7 @@ from apptax.taxonomie.models import BibTypesMedia, TMedias
 import pytest
-from flask import url_for, current_app
+from flask import url_for, current_app, Response
 from apptax.database import db
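Review bot: The new guard in getThumbnail_tmedias relies on `str.isdigit()`, which accepts characters such as `"²"` that `int()` then rejects with ValueError, so a crafted `w` or `h` still slips past the check and surfaces as an unhandled 500 rather than the intended error response; `str.isdecimal()` matches exactly the bare digit strings `int()` accepts, so `not width_params.isdecimal()` and `not height_params.isdecimal()` close the gap (wrapping the two `int()` calls in `try/except ValueError` is the other option). A malformed query parameter is a client error, so `BadRequest` (400) from the same `werkzeug.exceptions` module describes the situation better than `Forbidden` (403), which readers will take to mean an authorization failure. The validated values are also unbounded, so if `size` later feeds an image resize a very large `w` or `h` costs memory and CPU per request and deserves a cap against a module-level maximum. The function body continues outside the hunk.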
@@ -133,25 +133,22 @@ def test_get_tmedias(self):
         # id_media = json.loads(response.data)["id_media"]
         # self.get_thumbnail(id_media)
-    def test_get_thumbnail(self, media):
+    @pytest.mark.parametrize(
+        "get_params,expected_status_code",
+        [
+            ({}, 200),
+            (dict(w=100), 200),
+            (dict(h=100), 200),
+            (dict(w=100, h=100), 200),
+            (dict(w="a", h="b"), 403),
+            (dict(h="b"), 403),
+        ],
+    )
+    def test_get_thumbnail(self, media, get_params, expected_status_code):
         id_media = media.id_media
-        response = self.client.get(
-            url_for("t_media.getThumbnail_tmedias", id_media=id_media),
-        )
-        assert response.status_code == 200
-
-        response = self.client.get(
-            url_for("t_media.getThumbnail_tmedias", id_media=id_media, w=200, h=200),
+        response: Response = self.client.get(
+            url_for("t_media.getThumbnail_tmedias", id_media=id_media, **get_params),
         )
-        assert response.status_code == 200
-
-        response = self.client.get(
-            url_for("t_media.getThumbnail_tmedias", id_media=id_media, w=200),
-        )
-        assert response.status_code == 200
-
-        response = self.client.get(
-            url_for("t_media.getThumbnail_tmedias", id_media=id_media, h=200),
-        )
-        assert response.status_code == 200
+        print(response.headers)
+        assert response.status_code == expected_status_code
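Review bot: `print(response.headers)` in the rewritten test_get_thumbnail is a debugging leftover that dumps headers into the pytest output on every parametrized run and asserts nothing; drop it or replace it with an assertion on the header that matters, such as `assert response.headers["Content-Type"].startswith("image/")`. The parametrize list only uses ASCII letters as the rejected input, while the route's `isdigit()` guard lets through digit-like characters that `int()` refuses (for example `w="²"`), so a case with such a value and the error status the route is meant to return would pin that path, as would one with an oversized dimension. The hunk appears to end with the method's last line, but the surrounding class continues outside it.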