diff --git a/utils/html_utils.py b/utils/html_utils.py
index 2db7dbf..464c0be 100644
--- a/utils/html_utils.py
+++ b/utils/html_utils.py
@@ -1,8 +1,11 @@
+def sanitize( s ):
+ return s.replace( "<", "<" ).replace( ">", ">" )
+
def html_a_format( url, text ):
- return "{}".format( url, text )
+ return "{}".format( url, sanitize( text ) )
def html_a_blank_format( url, text ):
- return "{}".format( url, text )
+ return "{}".format( url, sanitize( text ) )
# modify to have randon auth hash to verify owner
# target="dummyframe"
@@ -11,5 +14,5 @@ def html_delete_format( url, playlist_id, user_id, beatmap_id, text ):
-
+
"""
\ No newline at end of file