diff --git a/querki/app/controllers/NavSection.scala b/querki/app/controllers/NavSection.scala
index 1d81e42ce..f622e3d00 100644
--- a/querki/app/controllers/NavSection.scala
+++ b/querki/app/controllers/NavSection.scala
@@ -117,6 +117,12 @@ case class NavSections(sections:Seq[Navigable])
 
 case class NavSection(val title:String, val links:Seq[Navigable]) extends Navigable
 
+/**
+ * Represents a single link to be shown in a menu.
+ * 
+ * IMPORTANT: the display is taken as literal HTML, and is not further escaped! Be very sure that anything
+ * you use for the display parameter has been properly HTML-neutered! 
+ */
 case class NavLink(display:String, url:Call, id:Option[String] = None, enabled:Boolean = true) extends Navigable
 
 case object NavDivider extends Navigable
diff --git a/querki/app/models/Thing.scala b/querki/app/models/Thing.scala
index 5e2651967..c6c224481 100644
--- a/querki/app/models/Thing.scala
+++ b/querki/app/models/Thing.scala
@@ -136,15 +136,35 @@ abstract class Thing(
   
   def thisAsContext(implicit request:RequestContext) = QLContext(ExactlyOne(LinkType(this.id)), Some(request))
   
-  def displayName:String = {
+  /**
+   * The Display Name of this Thing, rendered as a String.
+   * 
+   * IMPORTANT: what gets returned from here has already been HTML-processed, and should *not*
+   * be re-escaped!
+   */
+  def displayName:String = displayNameText.toString
+  
+  /**
+   * The Display Name of this Thing. This is the underlying form of access, and should
+   * be used to get at it as Html or HtmlWikitext. It has already been HTML-neutered, and
+   * is the safest and most flexible way to use this name.
+   */
+  def displayNameText:DisplayText = {
     val localName = localProp(DisplayNameProp) orElse localProp(NameProp)
     if (localName.isEmpty)
-      id.toString
+      DisplayText(id.toString)
     else {
       localName.get.renderPlain.raw
-    }
+    }    
   }
   
+  /**
+   * The *literal* Display Name of this Thing, exactly as typed.
+   * 
+   * IMPORTANT: this value has *NOT* been HTML-escaped. It must only be used in an environment that
+   * will do the escaping sometime later! Do not use this casually -- always test the environment that
+   * you will be using it in!
+   */
   def unsafeDisplayName:String = {
     val localName = localProp(DisplayNameProp) orElse localProp(NameProp)
     if (localName.isEmpty)
diff --git a/querki/app/models/Wikitext.scala b/querki/app/models/Wikitext.scala
index 91c6b244c..1b443fe22 100644
--- a/querki/app/models/Wikitext.scala
+++ b/querki/app/models/Wikitext.scala
@@ -14,6 +14,9 @@ case class DisplayText(val str:String) {
   override def toString() = str
   
   def +(other:DisplayText) = new DisplayText(str + other.str)
+  // Since a DisplayText is already HTML-neutered, it is safe to encode as HTML:
+  def html = Html(str)
+  def htmlWikitext = HtmlWikitext(html)
 }
 object DisplayText {
   implicit def displayText2String(disp:DisplayText) = disp.str
diff --git a/querki/app/models/system/Types.scala b/querki/app/models/system/Types.scala
index 48450cf47..a6cc6d7d5 100644
--- a/querki/app/models/system/Types.scala
+++ b/querki/app/models/system/Types.scala
@@ -399,7 +399,7 @@ object QLType extends QLType(QLTypeOID)
       val target = follow(context)(v)
       val text = target match {
         case Some(t) => {
-          val display = displayOpt.getOrElse(Wikitext(t.displayName))
+          val display = displayOpt.getOrElse(t.displayNameText.htmlWikitext)
           makeWikiLink(context, t, display)
         }
         case None => Wikitext("Bad Link: Thing " + v.toString + " not found")
diff --git a/querki/app/querki/search/Search.scala b/querki/app/querki/search/Search.scala
index 87d7fecf3..07f8b2224 100644
--- a/querki/app/querki/search/Search.scala
+++ b/querki/app/querki/search/Search.scala
@@ -25,8 +25,8 @@ object Search {
         // *rendered* view of this Thing. But that's challenging, so this should probably become Can View Source for now.
         if (!space.canRead(requester, t.id))
           Seq()
-        else if (t.displayName.toLowerCase().contains(searchComp)) {
-          Seq(SearchResult(t, DisplayNameProp, 1.0, DisplayText(t.displayName), List(t.displayName.toLowerCase().indexOf(searchComp))))
+        else if (t.unsafeDisplayName.toLowerCase().contains(searchComp)) {
+          Seq(SearchResult(t, DisplayNameProp, 1.0, t.unsafeDisplayName, List(t.unsafeDisplayName.toLowerCase().indexOf(searchComp))))
         } else {
           // For now, we're only going to deal with Text types.
           // TODO: cope with Links, Tags, and things like that!
diff --git a/querki/app/querki/search/SearchResults.scala b/querki/app/querki/search/SearchResults.scala
index 794dd7faa..377540e5e 100644
--- a/querki/app/querki/search/SearchResults.scala
+++ b/querki/app/querki/search/SearchResults.scala
@@ -2,6 +2,10 @@ package querki.search
 
 import models._
 
+/**
+ * A single result from searching. These results are *not* HTML-neutered, so they must be escaped
+ * before rendering!
+ */
 case class SearchResult(thing:Thing, prop:Property[_,_], score:Double, text:String, positions:List[Int])
 
 case class SearchResults(request:String, results:Seq[SearchResult])
\ No newline at end of file
diff --git a/querki/app/views/editThing.scala.html b/querki/app/views/editThing.scala.html
index 592cfa9fd..f195486f8 100644
--- a/querki/app/views/editThing.scala.html
+++ b/querki/app/views/editThing.scala.html
@@ -73,7 +73,7 @@
 
 @setTooltip(prop:Property[_,_]) = {
   @defining(prop.getPropOpt(PropSummary)(space)) { summaryOpt =>
-    @if(summaryOpt.isDefined) { title="@{summaryOpt.get.render(prop.thisAsContext(rc)).raw}" }
+    @if(summaryOpt.isDefined) { title="@Html(summaryOpt.get.render(prop.thisAsContext(rc)).raw)" }
   }
 }
 
@@ -81,7 +81,7 @@
   <div id="propGroup-@i" class="control-group @{if(v.isInherited) "inherited"}">
     <label class="control-label _withTooltip" @setTooltip(prop)>@Html(prop.getProp(PromptProp)(space).renderPlainOr(prop.getProp(NameProp)(space).renderPlain).raw)
       @if(v.hasInheritance) {
-        &nbsp;&nbsp;<button data-empty="@v.emptyControlId" data-model-name="@v.inheritedFrom.get.displayName" data-edits="@v.inputControlId" class="@editButtonClass(v) btn-mini">&nbsp;</button>
+        &nbsp;&nbsp;<button data-empty="@v.emptyControlId" data-model-name="@Html(v.inheritedFrom.get.displayName)" data-edits="@v.inputControlId" class="@editButtonClass(v) btn-mini">&nbsp;</button>
       } else {
         &nbsp;&nbsp;<button data-group="propGroup-@i" data-empty="@v.emptyControlId" data-edits="@v.inputControlId" class="trash-button btn-mini">&nbsp;</button>      
       }
@@ -524,7 +524,7 @@
     </div>
     
 	<div class="page-header">
-	    <h1>@pageTitle @cancelButton</h1>
+	    <h1>@Html(pageTitle) @cancelButton</h1>
 	</div>
 	
 	@if(!canEdit) {
diff --git a/querki/app/views/main.scala.html b/querki/app/views/main.scala.html
index 19bada846..4998800a6 100644
--- a/querki/app/views/main.scala.html
+++ b/querki/app/views/main.scala.html
@@ -71,9 +71,9 @@
 
 @displayNavLink(display:String, url:Call, idStr:String, enabled:Boolean) = {
   @if(enabled) {
-    <li><a href="@url" @idStr>@display</a></li>
+    <li><a href="@url" @idStr>@Html(display)</a></li>
   } else {
-    <li class="disabled"><a>@display</a></li>  
+    <li class="disabled"><a>@Html(display)</a></li>  
   }
 }
 
@@ -123,7 +123,7 @@
     <head>
         <meta name="viewport" content="width=device-width, initial-scale=1.0">
         
-        <title>@title</title>
+        <title>@Html(title)</title>
         <!-- TODO: we need to make this CSS responsive! But that may require jQuery Mobile... -->
         <link rel="stylesheet" media="screen" href="@routes.Assets.at("stylesheets/jquery-ui-1.10.0.custom.css")">
         <link rel="stylesheet" media="screen" href="@routes.Assets.at("stylesheets/jquery.ui.menubar.css")">
@@ -328,7 +328,7 @@
 	
 	@if(thing.isDefined) {
       <div id="delete-dialog" title="Confirm Delete">
-        <p><b>Are you sure you want to delete @{thing.get.displayName}? There is currently no way to get it back!</b></p>
+        <p><b>Are you sure you want to delete @Html(thing.get.displayName)? There is currently no way to get it back!</b></p>
       </div>	
 	}
 
diff --git a/querki/app/views/searchResults.scala.html b/querki/app/views/searchResults.scala.html
index ab223813e..a4f3aa1b8 100644
--- a/querki/app/views/searchResults.scala.html
+++ b/querki/app/views/searchResults.scala.html
@@ -39,7 +39,7 @@ <h1>@title</h1>
   
   <dl>
   @for(result <- results.results.sortBy(_.score).reverse) {
-    <dt><b><a href="@routes.Application.thing(rc.ownerHandle, rc.state.get.toThingId, result.thing.toThingId)">@result.thing.displayName</a></b> (@result.prop.displayName)</dt>
+    <dt><b><a href="@routes.Application.thing(rc.ownerHandle, rc.state.get.toThingId, result.thing.toThingId)">@result.thing.displayNameText.html</a></b> (@result.prop.displayNameText.html)</dt>
     <dd><pre><code>@boldfaceResult(result)</code></pre></dd>
   }
   </dl>
diff --git a/querki/app/views/showPropertyTemplate.scala.html b/querki/app/views/showPropertyTemplate.scala.html
index 21a53d6c4..722b162dc 100644
--- a/querki/app/views/showPropertyTemplate.scala.html
+++ b/querki/app/views/showPropertyTemplate.scala.html
@@ -19,7 +19,7 @@
   <div id="propGroup-@i" class="control-group @{if(v.isInherited) "inherited"}">
     <label class="control-label">@Html(prop.getProp(PromptProp)(space).renderPlainOr(prop.getProp(NameProp)(space).renderPlain).raw)
       @if(v.hasInheritance) {
-        &nbsp;&nbsp;<button data-empty="@v.emptyControlId" data-model-name="@v.inheritedFrom.get.displayName" data-edits="@v.inputControlId" class="@editButtonClass(v) btn-mini">&nbsp;</button>
+        &nbsp;&nbsp;<button data-empty="@v.emptyControlId" data-model-name="@Html(v.inheritedFrom.get.displayName)" data-edits="@v.inputControlId" class="@editButtonClass(v) btn-mini">&nbsp;</button>
       } else {
         &nbsp;&nbsp;<button data-group="propGroup-@i" data-empty="@v.emptyControlId" data-edits="@v.inputControlId" class="trash-button btn-mini">&nbsp;</button>      
       }
diff --git a/querki/app/views/subCreate.scala.html b/querki/app/views/subCreate.scala.html
index ec6c866e0..d8f9b2d3b 100644
--- a/querki/app/views/subCreate.scala.html
+++ b/querki/app/views/subCreate.scala.html
@@ -3,10 +3,10 @@
 <!DOCTYPE html>
 <html>
     <head>
-        <title>Created @newThing.displayName</title>
+        <title>Created @Html(newThing.displayName)</title>
         
         <script>
-          window.parent.onLinkCreated("@newThing.id", "@newThing.displayName");
+          window.parent.onLinkCreated("@newThing.id", "@Html(newThing.displayName)");
         </script>
     </head>
     
diff --git a/querki/app/views/thing.scala.html b/querki/app/views/thing.scala.html
index 475f7ed6c..11fa2e277 100644
--- a/querki/app/views/thing.scala.html
+++ b/querki/app/views/thing.scala.html
@@ -20,7 +20,7 @@
 @modelOpt = @{ thing.getModelOpt(space) }
 
 @linkTo(t:Thing) = {
-  <a href="@routes.Application.thing(rc.ownerId.toThingId, space.toThingId, t.toThingId)">@t.displayName</a>
+  <a href="@routes.Application.thing(rc.ownerId.toThingId, space.toThingId, t.toThingId)">@t.displayNameText.html</a>
 }
 
 @main(QuerkiTemplate.Thing, title, rc, true) {
@@ -44,7 +44,7 @@
 
         @if(!rc.chromeless) {
 	    <div class="page-header">
-	      <h1 class="_defaultTitle">@title @if(canEdit) { <a class="btn btn-mini btn-primary" title="Edit @title" href="@routes.Application.editThing(rc.ownerHandle, space.toThingId, thing.toThingId)"><i class="icon-edit icon-white"></i></a> }</h1>
+	      <h1 class="_defaultTitle">@Html(title) @if(canEdit) { <a class="btn btn-mini btn-primary" title="Edit @Html(title)" href="@routes.Application.editThing(rc.ownerHandle, space.toThingId, thing.toThingId)"><i class="icon-edit icon-white"></i></a> }</h1>
 	      @modelOpt match { 
 	        case Some(model) => {
 	          <p class="_smallSubtitle">(<a href="@routes.Application.thing(rc.ownerId.toThingId, space.toThingId, rawThingId)">@rawThingId</a>, 
diff --git a/querki/app/views/viewSource.scala.html b/querki/app/views/viewSource.scala.html
index d87b9bf3a..4eac01110 100644
--- a/querki/app/views/viewSource.scala.html
+++ b/querki/app/views/viewSource.scala.html
@@ -31,7 +31,7 @@
 }
 
 @linkTo(t:Thing) = {
-  <a href="@routes.Application.thing(rc.ownerId.toThingId, space.toThingId, t.toThingId)">@t.displayName</a>
+  <a href="@routes.Application.thing(rc.ownerId.toThingId, space.toThingId, t.toThingId)">@Html(t.displayName)</a>
 }
 
 @showProperty(prop:Property[_,_], v:QValue) = {
@@ -41,7 +41,7 @@
 
 @main(QuerkiTemplate.View, pageTitle, rc) {
   <div class="page-header">
-	<h1 class="_defaultTitle">@pageTitle <a class="cancelButton btn" href="@routes.Application.thing(rc.ownerHandle, space.toThingId, thing.toThingId)">Done</a></h1>
+	<h1 class="_defaultTitle">@Html(pageTitle) <a class="cancelButton btn" href="@routes.Application.thing(rc.ownerHandle, space.toThingId, thing.toThingId)">Done</a></h1>
     <p class="_smallSubtitle">(@linkTo(space.anything(thing.model).get))</p>
   </div>