diff --git a/web-assets/js/setupAuth0WithRedirect.js b/web-assets/js/setupAuth0WithRedirect.js
index d2ef011..c1971be 100644
--- a/web-assets/js/setupAuth0WithRedirect.js
+++ b/web-assets/js/setupAuth0WithRedirect.js
@@ -422,7 +422,10 @@ const authSetup = function () {
 // XSS rules
 const encode = function(str) {
- return str.replace(/[\x26\x0A\<>'"]/g,function(str){return"&#"+str.charCodeAt(0)+";"})
+ str = str.replace(/[\x26\x0A\<>'"]/g,function(str){return"&#"+str.charCodeAt(0)+";"})
+ return String(str).replace(/[^\w. ]/gi, function(c){
+ return '&#'+c.charCodeAt(0)+';';
+ });
 }
 // end XSS rules
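Review bot: The two added replace passes double-encode the input: the first pass turns `<` into `&#60;`, and the second pass then re-encodes the `&`, `#` and `;` of that entity (none of them are in `[\w. ]`), so the result renders in HTML as the literal text `&#60;` rather than the intended character. The second pass already covers every character the first one targets, so the first added line is redundant and should be dropped, leaving `return String(str).replace(/[^\w. ]/g, function(c){ return '&#'+c.charCodeAt(0)+';'; });` (the `i` flag is a no-op on `\w`). The `String(str)` coercion also arrives too late to help, because `str.replace` on the line above would already throw for a non-string argument. Numeric-entity encoding of this kind is only adequate where the output lands in HTML text or a quoted attribute value; the call sites are outside this hunk, as is the body of the enclosing `authSetup` function, so that assumption should be confirmed there.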