diff --git a/nanolets/src/main/java/org/nanohttpd/router/RouterNanoHTTPD.java b/nanolets/src/main/java/org/nanohttpd/router/RouterNanoHTTPD.java
index de949b0a..69c663cf 100644
--- a/nanolets/src/main/java/org/nanohttpd/router/RouterNanoHTTPD.java
+++ b/nanolets/src/main/java/org/nanohttpd/router/RouterNanoHTTPD.java
@@ -162,8 +162,8 @@ public Response get(UriResource uriResource, Map urlParams, IHTT
 Map queryParams = session.getParms();
 if (queryParams.size() > 0) {
 for (Map.Entry entry : queryParams.entrySet()) {
- String key = entry.getKey();
- String value = entry.getValue();
+ String key = sanitise(entry.getKey());
+ String value = sanitise(entry.getValue());
 text.append("

Param '");
 text.append(key);
 text.append("' = ");
@@ -175,6 +175,10 @@ public Response get(UriResource uriResource, Map urlParams, IHTT
 }
 return Response.newFixedLengthResponse(getStatus(), getMimeType(), text.toString());
 }
+
+ private String sanitise(String possibleCode) {
+ return org.apache.commons.text.StringEscapeUtils.escapeHtml4(possibleCode);
+ }
 }
 /**
diff --git a/pom.xml b/pom.xml
index 34f03e60..d8895c21 100644
--- a/pom.xml
+++ b/pom.xml
@@ -348,6 +348,11 @@ + + org.apache.commons + commons-text + 1.9 + junit junit
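Review bot: Only the query-parameter key and value are escaped in this loop, so any other request-derived string that get() appends to `text` would still reach the HTML response unescaped. The start of get() is outside the hunk, so this cannot be confirmed here, but the signature shows `urlParams` and the session as further inputs. If the request URI or the `urlParams` values are echoed, they need the same treatment, for example `text.append(sanitise(session.getUri()));`. A regression test that requests a parameter containing `<` and `"` and asserts the body contains `&lt;` and `&quot;` would keep the escaping from being dropped later.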
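Review bot: sanitise() carries no comment saying which output context it is safe for. escapeHtml4 encodes `<`, `>`, `&` and `"` but not the apostrophe, so the helper is sound for the element text it is used in here, yet would not be if reused inside a single-quoted attribute or a script block. I would add above it `// HTML-escapes untrusted text for element content only; escapeHtml4 leaves ' unencoded, so do not use inside single-quoted attributes or scripts.` As a style point, the method uses no instance state and could be `private static String sanitise(String possibleCode)`, with a normal import instead of the fully qualified class name.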
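Review bot: The new commons-text dependency is pinned to 1.9, which is not the current release line. Later Commons Text releases changed the default lookups of its string-interpolation API for security reasons. Only StringEscapeUtils is called in this commit, so that API is not reached from the code shown, but the old pin is inherited by every consumer of this artifact and will be flagged by dependency scanners. I would pin the newest release after checking the project's security advisories, e.g. `<version>CURRENT_RELEASE</version>` (placeholder). The surrounding XML is not readable in this hunk, so it is unclear whether the entry sits in the root `dependencies` or in `dependencyManagement`; scoping it to the nanolets module would keep it off the core module's classpath.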