diff --git a/web/lib/msgslib.ssjs b/web/lib/msgslib.ssjs
index 0cb0c074588693a3e27708c8a26ccb19ce48e651..79c6e4bbe16c8f415956e89f8956be77ecd073cb 100644
--- a/web/lib/msgslib.ssjs
+++ b/web/lib/msgslib.ssjs
@@ -183,9 +183,9 @@ function idx_to_user(fromidx)
 }
 
 function make_links(str) {
-	str=str.replace(/(?:http|https|ftp|telnet|gopher|irc|news)\:\/\/[\w\-\.]+\.[a-zA-Z]+(?::[\w]*)?(?:\/(?:[\w\-._\?\,\/\\\+&%\$#\=~\*]*))?[^,.\(\)&\s]/gi,function(str) {
+	str=str.replace(/(?:http|https|ftp|telnet|gopher|irc|news)\:\/\/[\w\-\.]+\.[a-zA-Z]+(?::[\w]*)?(?:\/(?:[\w\-._\?\,\/\\\+&amp;%\$#\=~\*]*))?[^,.\(\)<>&\s]/gi,function(str) {
 		var ret='<a href="'+str+'" target="_blank">'+str+'</a>';
 		return(ret);}
-	); 
+	);
 	return(str);
 }