diff --git a/lib/common/utils.js b/lib/common/utils.js
index 51d91f3..58d6d0e 100644
--- a/lib/common/utils.js
+++ b/lib/common/utils.js
@@ -30,7 +30,7 @@ function assign(obj /*from1, from2, from3, ...*/) {
 }
 
 
-var ESCAPE_TEST_RE = /[<>"]/;
+var ESCAPE_TEST_RE = /[&<>"]/;
 
 function escapeHtml(str) {
   if (ESCAPE_TEST_RE.test(str)) {