diff --git a/js/form.js b/js/form.js
index cfeeda57..300d5be7 100644
--- a/js/form.js
+++ b/js/form.js
@@ -57,6 +57,19 @@ function closeFormPopUp() {
 document.body.style.position = "";
 }
+function sanitize(string) {
+ const map = {
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ '"': '"',
+ "'": ''',
+ "/": '/',
+ };
+ const reg = /[&<>"'/]/ig;
+ return string.replace(reg, (match)=>(map[match]));
+ }
+
 function handleFormSubmission() {
 const countdownForm = document.getElementById('customDateForm');
 const submitbutton = document.getElementById('countdown-submit');
@@ -69,7 +82,7 @@ function handleFormSubmission() {
 submitbutton.disabled = true;
 // get text field values, with auto values
 let userTextField = document.getElementById('countdownText');
- let userText = userTextField.value;
+ let userText = sanitize(userTextField.value);
 if (!userText) {
 userText = userTextField.placeholder;
diff --git a/js/formupdate.js b/js/formupdate.js
index 7fa9459d..f8a0e376 100644
--- a/js/formupdate.js
+++ b/js/formupdate.js
@@ -57,6 +57,19 @@ function closeFormPopUp() {
 document.body.style.position = "";
 }
+function sanitize(string) {
+ const map = {
+ '&': '&',
+ '<': '<',
+ '>': '>',
+ '"': '"',
+ "'": ''',
+ "/": '/',
+ };
+ const reg = /[&<>"'/]/ig;
+ return string.replace(reg, (match)=>(map[match]));
+ }
+
 function handleFormSubmission() {
 const countdownForm = document.getElementById('customDateForm');
 const submitbutton = document.getElementById('countdown-submit');
@@ -69,7 +82,9 @@ function handleFormSubmission() {
 submitbutton.disabled = true;
 // get text field values, with auto values
 let userTextField = document.getElementById('countdownText');
- let userText = userTextField.value;
+ console.log(userTextField.value, 'user input');
+ let userText = sanitize(userTextField.value)
+ console.log(userText, 'sanitized user');
 if (!userText) {
 userText = userTextField.placeholder;
diff --git a/sw.js b/sw.js
index 3013512e..3de7ca25 100644
--- a/sw.js
+++ b/sw.js
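Review bot: `sanitize` in js/form.js (@@ -57,6 +57,19 @@) has no comment saying which output context its result is safe for, and the identical function is pasted again in js/formupdate.js, so the two copies can drift apart. Replacing these six characters with entity strings covers HTML element content and quoted attribute values only; a header comment such as `// HTML-escapes & < > " ' / for element content and quoted attributes only; not for URLs, JS or CSS` and a name like `escapeHtml`, defined once and shared by both files, would make that limit visible. As rendered here every `map` value equals its key and `"'": '''` would not parse, which is presumably the page decoding the entities, so confirm the committed file holds the encoded forms (`'&amp;'`, `'&lt;'`, and so on). The `i` flag on `/[&<>"'/]/ig` has no effect because the character class contains no letters.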
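Review bot: In js/form.js `handleFormSubmission` (@@ -69,7 +82,7 @@), `userText` is entity-encoded when it is read from the field rather than where it is written out, which ties the stored value to a single output context. The sink is outside this hunk, so this is inferred: if the text is later set through `textContent` or carried in a URL, users will see literal `&amp;`-style sequences, and if it lands in an unquoted attribute, a script block or a URL attribute the entity encoding does not protect it. Keeping the raw value here (`let userText = userTextField.value;`) and encoding at the point of rendering, or rendering with `textContent`, avoids both outcomes. The same applies to the matching line in js/formupdate.js; the function body continues beyond the hunk.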
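Review bot: The two `console.log` calls added in js/formupdate.js `handleFormSubmission` (@@ -69,7 +82,9 @@) look like leftover debugging and write the raw field value to the console on every submission; they should be dropped before merge. The assignment between them is also missing its terminator, unlike the matching line in js/form.js: `let userText = sanitize(userTextField.value);`. The function body continues beyond the hunk.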
@@ -1,7 +1,7 @@
-// #4
+// #5
-const staticCacheName = 'site-static-v31';
-const dynamicCache = 'site-dynamic-v31';
+const staticCacheName = 'site-static-v32';
+const dynamicCache = 'site-dynamic-v32';
 const dynamicCacheSize = 30;