diff --git a/NEWS b/NEWS
index 9ef0667d..2da90ca7 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,9 @@
 xbps-0.10.2 (???):
 
+ * libxbpps: when fetching new pkg-index.plist from a repository,
+   make sure that it's a plist file and can be internalized; otherwise
+   remove downloaded file and return error.
+
  * xbps-bin(8): new test for the 'check' target to fix missing
    entries in requiredby array, i.e reverse dependencies in
    the package database plist.
diff --git a/lib/repository_sync_index.c b/lib/repository_sync_index.c
index 0a913953..0bc9012e 100644
--- a/lib/repository_sync_index.c
+++ b/lib/repository_sync_index.c
@@ -89,6 +89,7 @@ xbps_get_remote_repo_string(const char *uri)
 int
 xbps_repository_sync_pkg_index(const char *uri)
 {
+	prop_dictionary_t tmpd;
 	struct xbps_handle *xhp;
 	struct url *url = NULL;
 	struct utsname un;
@@ -198,6 +199,20 @@ xbps_repository_sync_pkg_index(const char *uri)
 	}
 	if (only_sync)
 		goto out;
+	/*
+	 * Make sure that downloaded plist file can be internalized, i.e
+	 * some HTTP servers don't return proper errors and sometimes
+	 * you get an HTML ASCII file :-)
+	 */
+	tmpd = prop_dictionary_internalize_from_zfile(tmp_metafile);
+	if (tmpd == NULL) {
+		xbps_error_printf("[rsyncidx] downloaded pkg-index.plist "
+		    "file cannot be read! removing...\n");
+		(void)unlink(tmp_metafile);
+		rv = -1;
+		goto out;
+	}
+	prop_object_release(tmpd);
 
 	lrepofile = xbps_xasprintf("%s/%s", lrepodir, XBPS_PKGINDEX);
 	if (lrepofile == NULL) {