diff --git a/app/views/shared/_publisher.haml b/app/views/shared/_publisher.haml
index 4e2e461d1..d6f2873e6 100644
--- a/app/views/shared/_publisher.haml
+++ b/app/views/shared/_publisher.haml
@@ -21,7 +21,7 @@
         %params
           #publisher_textarea_wrapper
             %ul#photodropzone
-            = status.text_area :message, :rows => 2, :value => params[:prefill]
+            = status.text_area :message, :rows => 2, :value => h(params[:prefill])
 
       - for aspect_id in @aspect_ids
         = hidden_field_tag 'aspect_ids[]', aspect_id.to_s
diff --git a/app/views/shared/_reshare.haml b/app/views/shared/_reshare.haml
index 872acc531..9f6f0ad45 100644
--- a/app/views/shared/_reshare.haml
+++ b/app/views/shared/_reshare.haml
@@ -7,5 +7,5 @@
     = link_to t('.reshare'), "#"
 
   %ul.reshare_box
-    = aspect_links(aspects, :prefill => CGI::escape(post.message))
+    = aspect_links(aspects, :prefill => post.message)