diff --git a/src/Blob.h b/src/Blob.h
index c388023..5ff9bac 100644
--- a/src/Blob.h
+++ b/src/Blob.h
@@ -6,6 +6,7 @@
 #define DIGIBYTECORE_BLOB_H
 
 
+#include <cstdint>
 #include <cstring>
 #include <string>
 #include <vector>
diff --git a/src/DigiByteCore.cpp b/src/DigiByteCore.cpp
index 1717a65..8bb4611 100644
--- a/src/DigiByteCore.cpp
+++ b/src/DigiByteCore.cpp
@@ -18,6 +18,25 @@
 using jsonrpc::Client;
 using jsonrpc::JSONRPC_CLIENT_V1;
 
+/**
+ * URL-encode a string for safe use in HTTP basic auth URLs.
+ * Characters like /, +, =, @ in RPC passwords would otherwise
+ * break the URL parsing in jsonrpc::HttpClient.
+ */
+static std::string urlEncode(const std::string& value) {
+    std::string encoded;
+    for (unsigned char c : value) {
+        if (isalnum(c) || c == '-' || c == '_' || c == '.' || c == '~') {
+            encoded += c;
+        } else {
+            char buf[4];
+            snprintf(buf, sizeof(buf), "%%%02X", c);
+            encoded += buf;
+        }
+    }
+    return encoded;
+}
+
 using jsonrpc::HttpClient;
 using jsonrpc::JsonRpcException;
 
@@ -90,8 +109,8 @@ void DigiByteCore::makeConnection() {
     //see if core is online and config if valid
     try {
         httpClient.reset(new jsonrpc::HttpClient(
-                "http://" + config.getString("rpcuser") + ":" +
-                config.getString("rpcpassword") + "@" +
+                "http://" + urlEncode(config.getString("rpcuser")) + ":" +
+                urlEncode(config.getString("rpcpassword")) + "@" +
                 config.getString("rpcbind", "127.0.0.1") + ":" +
                 std::to_string(_useAssetPort ? config.getInteger("rpcassetport", 14024) : config.getInteger("rpcport", 14022))));
         client.reset(new jsonrpc::Client(*httpClient, jsonrpc::JSONRPC_CLIENT_V1));