diff --git a/common/curl.c b/common/curl.c
index 405d2f4..43fe976 100644
--- a/common/curl.c
+++ b/common/curl.c
@@ -48,7 +48,8 @@ int queryUrl(const char* dest_url, struct MemoryStruct* chunk, int useInsecureSS
  
     curl = curl_easy_init();
     if(curl) {
-        curl_easy_setopt(curl, CURLOPT_URL, dest_url);
+        char* escaped_url = curl_easy_escape(curl, dest_url, 0);
+        curl_easy_setopt(curl, CURLOPT_URL, escaped_url);
  
         curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, WriteMemoryCallback);
         curl_easy_setopt(curl, CURLOPT_WRITEDATA, (void*)chunk); 
@@ -67,6 +68,7 @@ int queryUrl(const char* dest_url, struct MemoryStruct* chunk, int useInsecureSS
             syslog(LOG_ERR, "pwncheck: queryUrl: curl_easy_perform() failed: %s", curl_easy_strerror(res));
  
         /* always cleanup */ 
+        curl_free(escaped_url);
         curl_easy_cleanup(curl);
     }
  
diff --git a/kerberos/src/krb_password_pwncheck.c b/kerberos/src/krb_password_pwncheck.c
index ab0b615..0ae723e 100644
--- a/kerberos/src/krb_password_pwncheck.c
+++ b/kerberos/src/krb_password_pwncheck.c
@@ -64,9 +64,14 @@ pwqual_pwncheck_check(krb5_context context, krb5_pwqual_moddata data,
     int 	ret 		= DEF_PWD_RETURN; // default is unspecified issue
     int		isInsecure 	= FALSE;
 
-   struct cfgpwned config; 
-   syslog(LOG_DEBUG, "pwncheck: check: started\n");
-   int retconfig = parseConfig(&config, "/etc/krb5-pwned-password.conf");
+    struct cfgpwned config; 
+    syslog(LOG_DEBUG, "pwncheck: check: started\n");
+    int retconfig = parseConfig(&config, "/etc/krb5-pwned-password.conf");
+
+    //if (princ == NULL)
+    //{
+    //    return ret;
+    //}
 
     if (princ->data && krb5_princ_size(context, princ) > 0) {
         user = princ->data[0].data;