diff --git a/db.sqlite3 b/db.sqlite3
index 9c5c1e0..8753963 100644
Binary files a/db.sqlite3 and b/db.sqlite3 differ
diff --git a/news/__pycache__/views.cpython-37.pyc b/news/__pycache__/views.cpython-37.pyc
index 5731023..4a238b1 100644
Binary files a/news/__pycache__/views.cpython-37.pyc and b/news/__pycache__/views.cpython-37.pyc differ
diff --git a/news/views.py b/news/views.py
index 31e0bcc..809cd41 100644
--- a/news/views.py
+++ b/news/views.py
@@ -10,6 +10,7 @@ from django.contrib.auth import authenticate, login, logout, update_session_auth
 from django.contrib.auth.decorators import login_required
 from django.contrib.auth.forms import PasswordChangeForm
 from django.db.models import Q
+from django.utils.html import strip_tags
 from .models import Post, Comment, PostState
 from .forms import PostForm, CustomUserCreationForm, SigninForm
 from datetime import datetime
@@ -141,7 +142,7 @@ def comment_with_parent(request, post_id, comment_id):
     comment.post = get_object_or_404(Post, pk=post_id)
     if comment_id is not None:
         comment.parent_comment = get_object_or_404(Comment, pk=comment_id)
-    comment.body = request.POST['body']
+    comment.body = strip_tags(request.POST['body'])
     comment.save()
     comment.voters.add(request.user)
     comment.save()
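Review bot: `strip_tags` is not an HTML sanitizer, so the new line `comment.body = strip_tags(request.POST['body'])` does not on its own make the comment safe to render — Django's own documentation states that `strip_tags` gives no guarantee the result is HTML-safe and must never be marked safe without escaping. If the template (not in this diff) renders `comment.body` with `|safe` or `mark_safe`, this remains an XSS path; if it renders it under default autoescaping, the original code was already safe and the change only mangles legitimate text such as `a < b`, so either way the tag stripping is the wrong control and the fix is to store the body as-is and rely on output escaping (or an allowlist sanitizer if formatted HTML is actually intended). The same line also keeps `request.POST['body']`, which raises on a missing field and accepts an empty or unbounded body before `comment.save()`; a minimal guard is `body = request.POST.get('body', '').strip()` followed by returning a 400 when it is empty or exceeds the model's field length. comment_with_parent starts before this hunk, so any authorization check on the target post is outside what is reviewed here.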