diff --git a/src/dropper/routes.py b/src/dropper/routes.py
index a7e7913..40bbfe9 100644
--- a/src/dropper/routes.py
+++ b/src/dropper/routes.py
@@ -2,7 +2,7 @@ import os, hashlib, json, base64
 # Flask imports
-from flask import Flask, request, render_template, session, send_from_directory, url_for, redirect
+from flask import Flask, request, render_template, session, send_from_directory, url_for, redirect, escape
 from flask_uploads import UploadSet, configure_uploads, ALL
 from werkzeug.utils import secure_filename
@@ -29,7 +29,7 @@ with open(NOTES_PTH) as infile:
 try:
 notesJson = json.load(infile)
 for entry in notesJson:
- notesListEncoded.append(entry)
+ notesListEncoded.append(escape(entry))
 entryDecoded = str(base64.urlsafe_b64decode( entry.encode("utf-8") ), "utf-8")
 notesListDecoded.append(entryDecoded)
 except Exception as e:
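Review bot: The new import in the first hunk takes `escape` from `flask`, which is deprecated in Flask 2.3 and removed in Flask 3.0, so an upgrade would turn this security fix into an ImportError at start-up. Import it from its home package instead, on its own line: `from markupsafe import escape`. MarkupSafe is already installed as a dependency of Jinja2, so this adds no new requirement.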
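Review bot: Escaping at load time in `notesListEncoded.append(escape(entry))` covers only the encoded string; `entryDecoded`, the base64-decoded note text appended to `notesListDecoded` two lines below, is still stored raw and is the value more likely to carry markup. Whether it is escaped later depends on templates outside this hunk, so confirm that Jinja autoescaping is on wherever either list is rendered. It would be sturdier to reject entries that are not strict URL-safe base64, for example `entryDecoded = str(base64.b64decode(entry, altchars=b"-_", validate=True), "utf-8")`, because `urlsafe_b64decode` silently discards characters outside the alphabet. Keeping the stored value raw and escaping at output would also keep the `Markup` object that `escape` returns out of any comparison or write-back of the list elsewhere in the file. The enclosing `with`/`try` block starts and ends outside the hunk.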