diff --git a/ChangeLog b/ChangeLog
index 14894eab1..fdae8d79c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -23,6 +23,8 @@
     solely extension based).
 17. Fix extraction of album names from DB - for use in tag editor and playlist
     rules dialogs.
+18. Fix some potential security issues - thanks to Jonas Wielicki for the
+    patches.
 
 2.1.0
 -----
diff --git a/http/httpsocket.cpp b/http/httpsocket.cpp
index aea968266..3d889c0fa 100644
--- a/http/httpsocket.cpp
+++ b/http/httpsocket.cpp
@@ -227,9 +227,25 @@ void HttpSocket::handleNewConnection()
 {
     DBUG;
     while (hasPendingConnections()) {
-        QTcpSocket *s = nextPendingConnection();
-        connect(s, SIGNAL(readyRead()), this, SLOT(readClient()));
-        connect(s, SIGNAL(disconnected()), this, SLOT(discardClient()));
+        QTcpSocket *socket = nextPendingConnection();
+
+        static const QLatin1String constIpV6Prefix("::ffff:");
+
+        QString peer=socket->peerAddress().toString();
+        QString ifaceAddress=serverAddress().toString();
+        const bool hostOk=peer==ifaceAddress || peer==mpdAddr || peer==(constIpV6Prefix+mpdAddr) ||
+                          peer==QLatin1String("127.0.0.1") || peer==(constIpV6Prefix+QLatin1String("127.0.0.1"));
+
+        DBUG << "peer:" << peer << "mpd:" << mpdAddr << "iface:" << ifaceAddress << "ok:" << hostOk;
+        if (!hostOk) {
+            sendErrorResponse(socket, 400);
+            socket->close();
+            DBUG << "Not from valid host";
+            return;
+        }
+
+        connect(socket, SIGNAL(readyRead()), this, SLOT(readClient()));
+        connect(socket, SIGNAL(disconnected()), this, SLOT(discardClient()));
     }
 }
 
@@ -253,21 +269,6 @@ void HttpSocket::readClient()
                 return;
             }
 
-            static const QLatin1String constIpV6Prefix("::ffff:");
-
-            QString peer=socket->peerAddress().toString();
-            QString ifaceAddress=serverAddress().toString();
-            bool hostOk=peer==ifaceAddress || peer==mpdAddr || peer==(constIpV6Prefix+mpdAddr) ||
-                        peer==QLatin1String("127.0.0.1") || peer==(constIpV6Prefix+QLatin1String("127.0.0.1"));
-
-            DBUG << "peer:" << peer << "mpd:" << mpdAddr << "iface:" << ifaceAddress << "ok:" << hostOk;
-            if (!hostOk) {
-                sendErrorResponse(socket, 400);
-                socket->close();
-                DBUG << "Not from valid host";
-                return;
-            }
-
             QUrl url(QUrl::fromEncoded(tokens[1]));
             QUrlQuery q(url);
             bool ok=false;