diff --git a/html.c b/html.c
index 9c04b99..05fa2cf 100644
--- a/html.c
+++ b/html.c
@@ -829,16 +829,16 @@ static xs_html *html_user_body(snac *user, int read_only)
     }
 
     if (read_only) {
-        xs *es1  = encode_html(xs_dict_get(user->config, "bio"));
         xs *tags = xs_list_new();
-        xs *bio1 = not_really_markdown(es1, NULL, &tags);
+        xs *bio1 = not_really_markdown(xs_dict_get(user->config, "bio"), NULL, &tags);
         xs *bio2 = process_tags(user, bio1, &tags);
+        xs *bio3 = sanitize(bio2);
 
-        bio2 = replace_shortnames(bio2, tags, 2, proxy);
+        bio3 = replace_shortnames(bio3, tags, 2, proxy);
 
         xs_html *top_user_bio = xs_html_tag("div",
             xs_html_attr("class", "p-note snac-top-user-bio"),
-            xs_html_raw(bio2)); /* already sanitized */
+            xs_html_raw(bio3)); /* already sanitized */
 
         xs_html_add(top_user,
             top_user_bio);