diff --git a/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp b/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp
index b0b5ad8fa..fc52c3a2c 100644
--- a/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp
+++ b/src/cpp/JSONInterface/JsonRequestHandlerFactory.cpp
@@ -65,7 +65,7 @@ Poco::Net::HTTPRequestHandler* JsonRequestHandlerFactory::createRequestHandler(c
 		return new JsonUpdateUserInfos;
 	}
 	else if (url_first_part == "/unsecureLogin" && (ServerConfig::g_AllowUnsecureFlags & ServerConfig::UNSECURE_PASSWORD_REQUESTS)) {
-		return new JsonUnsecureLogin(request.clientAddress().host());
+		return new JsonUnsecureLogin(client_host);
 	}
 	else if (url_first_part == "/logout") {
 		return new JsonLogout(client_host);
diff --git a/src/cpp/ServerConfig.cpp b/src/cpp/ServerConfig.cpp
index 07469f757..67ab28f52 100644
--- a/src/cpp/ServerConfig.cpp
+++ b/src/cpp/ServerConfig.cpp
@@ -243,7 +243,7 @@ namespace ServerConfig {
 		if (cfg.getInt("unsecure.allow_auto_sign_transactions", 0) == 1) {
 			g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_AUTO_SIGN_TRANSACTIONS);
 		}
-		if (cfg.getInt("unsercure.allow_cors_all", 0) == 1) {
+		if (cfg.getInt("unsecure.allow_cors_all", 0) == 1) {
 			g_AllowUnsecureFlags = (AllowUnsecure)(g_AllowUnsecureFlags | UNSECURE_CORS_ALL);
 		}