diff --git a/bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy b/bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy
index 40cf829d9977cfb564718bb5d1ba1f9644ab633c..970ddd04a2db4b681be08e3e005eb0424cf55dbe 100755
--- a/bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy
+++ b/bigbluebutton-web/grails-app/controllers/org/bigbluebutton/web/controllers/ApiController.groovy
@@ -793,7 +793,17 @@ class ApiController {
 }
 String configXML = params.configXML
-
+
+ String decodedConfigXML;
+
+ try {
+ decodedConfigXML = URLDecoder.decode(configXML,"UTF-8");
+ } catch (UnsupportedEncodingException e) {
+ log.error("Couldn't decode config XML.");
+ invalid("configXMLError", "Cannot decode config XML")
+ return;
+ }
+
 if (! paramsProcessorUtil.isConfigXMLChecksumSame(params.meetingID, configXML, params.checksum)) {
 response.addHeader("Cache-Control", "no-cache")
 withFormat {
@@ -818,7 +828,7 @@ class ApiController {
 }
 }
- String token = meeting.storeConfig(defaultConfig, configXML);
+ String token = meeting.storeConfig(defaultConfig, decodedConfigXML);
 response.addHeader("Cache-Control", "no-cache")
 withFormat {
 xml {
diff --git a/bigbluebutton-web/src/java/org/bigbluebutton/api/ParamsProcessorUtil.java b/bigbluebutton-web/src/java/org/bigbluebutton/api/ParamsProcessorUtil.java
index 67b357078b8b014d9c33a2d8eff2b225594b1a3c..1f9d445392c60ff2ad7e22e5adc8efe85fdb5716 100755
--- a/bigbluebutton-web/src/java/org/bigbluebutton/api/ParamsProcessorUtil.java
+++ b/bigbluebutton-web/src/java/org/bigbluebutton/api/ParamsProcessorUtil.java
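Review bot: In the first ApiController.groovy hunk the new `URLDecoder.decode(configXML,"UTF-8")` runs before `isConfigXMLChecksumSame(...)`, so request input is decoded ahead of the checksum check, and the only exception handled is `UnsupportedEncodingException`, which a fixed "UTF-8" argument does not normally produce. `URLDecoder.decode` can throw `IllegalArgumentException` on a malformed percent-escape, and that would skip the `invalid("configXMLError", ...)` path and surface as an unhandled error. I would move the try block below the checksum check and add `catch (IllegalArgumentException e) { invalid("configXMLError", "Cannot decode config XML"); return; }`. Whether `configXML` can be null at this point depends on checks outside the hunk; the enclosing action starts and ends outside it.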
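Review bot: In the second ApiController.groovy hunk, `meeting.storeConfig(defaultConfig, decodedConfigXML)` stores a different string from the one the checksum was computed over (`configXML`), and nothing in the code says so. If the framework has already URL-decoded `params.configXML` (likely for a request parameter, but not visible here), this is a second decoding, and a literal `%` or `+` in the XML would be altered after the integrity check has passed. A comment above the call such as `// checksum is verified over configXML as received; the URL-decoded form is what gets stored` would record the intent, and the API documentation should state which form clients must sign.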
@@ -476,20 +476,7 @@ public class ParamsProcessorUtil {
 log.warn("Security is disabled in this service. Make sure this is intentional.");
 return true;
 }
-
-/**
- String decodedConfigXML;
-
- try {
- decodedConfigXML = URLDecoder.decode(configXML,"UTF-8");
- } catch (UnsupportedEncodingException e) {
- log.error("Couldn't decode config XML.");
- return false;
- }
-
- System.out.println("Calc checksum \n" + meetingID + decodedConfigXML + securitySalt);
-**/
-
+
 String cs = DigestUtils.shaHex(meetingID + configXML + securitySalt);
 log.debug("our checksum: [{}], client: [{}]", cs, checksum);
 System.out.println("our checksum: [" + cs + "] client: [" + checksum + "]");
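Review bot: The `System.out.println("our checksum: [" + cs + ...)` kept at the end of this hunk writes the server-computed checksum to standard output on every call, outside the logger's level control; the commit removes the commented-out debug print above it but leaves this one live. The computed value is exactly what a valid request must present, so it is better kept out of stdout: delete that line and rely on the existing `log.debug(...)`. The comparison of `cs` with `checksum` lies outside the hunk; if it is a plain `equals`, a constant-time compare such as `MessageDigest.isEqual` over the two byte arrays would be the usual choice. The method starts and ends outside the hunk.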