diff --git a/src/XrdHttp/XrdHttpExtHandler.cc b/src/XrdHttp/XrdHttpExtHandler.cc index 10195aa8815..c409b0ea7ae 100644 --- a/src/XrdHttp/XrdHttpExtHandler.cc +++ b/src/XrdHttp/XrdHttpExtHandler.cc @@ -90,7 +90,8 @@ verb(req->requestverb), headers(req->allheaders) { int envlen = 0; headers["xrd-http-query"] = req->opaque?req->opaque->Env(envlen):""; - headers["xrd-http-fullresource"] = req->resourceplusopaque.c_str(); + const char * resourcePlusOpaque = req->resourceplusopaque.c_str(); + headers["xrd-http-fullresource"] = resourcePlusOpaque != nullptr ? resourcePlusOpaque:""; headers["xrd-http-prot"] = prot->isHTTPS()?"https":"http"; // These fields usually identify the client that connected diff --git a/src/XrdHttp/XrdHttpReq.cc b/src/XrdHttp/XrdHttpReq.cc index 9c753ae59b5..66023456957 100644 --- a/src/XrdHttp/XrdHttpReq.cc +++ b/src/XrdHttp/XrdHttpReq.cc @@ -409,13 +409,21 @@ int XrdHttpReq::parseFirstLine(char *line, int len) { return -1; } - // The first token cannot be too long + pos = p - line; + // The first token cannot be too long if (pos > MAX_TK_LEN - 1) { request = rtMalformed; return -2; } + // The first space-delimited char cannot be the first one + // this allows to deal with the case when a client sends a first line that starts with a space " GET / HTTP/1.1" + if(pos == 0) { + request = rtMalformed; + return -4; + } + // the first token must be non empty if (pos > 0) { line[pos] = 0;
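Review bot: The null guard added for `xrd-http-fullresource` is not applied to the line just above it, where `headers["xrd-http-query"]` is assigned from `req->opaque->Env(envlen)` after checking only that `req->opaque` is non-null. If `Env()` can return a null pointer (its implementation is not visible here, so this is worth confirming), that assignment constructs a `std::string` from null. That is undefined behaviour and leaves a crash reachable from request input on the same path this change hardens. I would guard it the same way: `const char *query = req->opaque ? req->opaque->Env(envlen) : nullptr;` followed by `headers["xrd-http-query"] = query ? query : "";`. The constructor body continues outside the hunk.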
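Review bot: After the new `if(pos == 0)` early return in `parseFirstLine`, the `if (pos > 0)` test that follows can no longer be false, so a reader cannot tell which of the two checks is the authoritative one. Either drop that condition and keep its body, or replace its comment with `// pos > 0 is guaranteed by the check above`. The new return value `-4` is also a bare number next to `-1` and `-2`. A short comment at the top of the function should say what each negative code means, or state that callers only test for `< 0`, so that a later change does not treat one of them as recoverable. The function body starts and ends outside the hunk.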