diff --git a/apps/user_webfinger/webfinger.php b/apps/user_webfinger/webfinger.php
index da35cf29d0e..e702f27b56e 100755
--- a/apps/user_webfinger/webfinger.php
+++ b/apps/user_webfinger/webfinger.php
@@ -26,7 +26,7 @@ $WEBROOT=substr($SUBURI,0,-34);
 */
 
 
-$request = urldecode($_GET['q']);
+$request = strip_tags(urldecode($_GET['q']));
 if($_GET['q']) {
 	$reqParts = explode('@', $request);
 	$userName = $reqParts[0];