diff --git a/app/models/article.rb b/app/models/article.rb
index 9686564..2a6931a 100644
--- a/app/models/article.rb
+++ b/app/models/article.rb
@@ -26,6 +26,8 @@ class Article < ActiveRecord::Base
 article.published_at = article.created_at if article.published_at.nil?
 end
 
+ xss_terminate :only => [ :name ]
+
 def self.human_attribute_name(attrib)
 case attrib.to_sym
 when :name
diff --git a/app/models/event.rb b/app/models/event.rb
index 53019a3..ce44583 100644
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -6,7 +6,7 @@ class Event < Article
 settings_items :link, :type => :string
 settings_items :address, :type => :string
 
- xss_terminate :only => [ :description ], :with => 'white_list'
+ xss_terminate :only => [ :description, :link, :address ], :with => 'white_list'
 
 validates_presence_of :title, :start_date
 
diff --git a/app/models/profile.rb b/app/models/profile.rb
index ecfdd9f..ca02140 100644
--- a/app/models/profile.rb
+++ b/app/models/profile.rb
@@ -269,6 +269,7 @@ class Profile < ActiveRecord::Base
 end
 
 xss_terminate :only => [ :name, :nickname, :address, :contact_phone ]
+ xss_terminate :only => [ :custom_footer, :custom_header ], :with => 'white_list'
 
 # returns the contact email for this profile.
 #
-- 
libgit2 0.21.2
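Review bot: In app/models/article.rb, the new `xss_terminate :only => [ :name ]` sits on a base class whose subclass `Event` carries its own `xss_terminate :only => [...]` declaration (edited in app/models/event.rb in this same commit), so it should be confirmed that a subclass declaration adds to the `:name` filter rather than replacing it. If it replaces it, event names would bypass the filter; a model test that saves an `Event` with markup in `name` and asserts the markup is stripped would pin the behaviour. Separately, assuming xss_terminate filters when a record is saved, values already stored for the fields added in all three files stay unfiltered until each row is re-saved, so a one-off backfill is probably needed. The class body continues outside the hunk.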
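Review bot: In app/models/event.rb, `:link` and `:address` are appended to the `'white_list'` declaration, which by its name lets some markup through, while `Profile` passes its `:address` to `xss_terminate` without `:with`. Plain-text fields look better served by that presumably stricter default, e.g. `xss_terminate :only => [ :link, :address ]` alongside the original `xss_terminate :only => [ :description ], :with => 'white_list'`. Tag filtering also does not constrain a URL's scheme, so if `link` is rendered into an `href` it should additionally be validated as an http or https URL before output. Both fields are `settings_items` rather than plain columns, so it is worth checking that the filter actually reaches them.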
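Review bot: In app/models/profile.rb, the added declaration would benefit from a comment saying why these two fields use `'white_list'` while the declaration directly above uses the default, for example `# custom_header/custom_footer hold user-supplied markup, so filter with the white list instead of stripping all tags`. Since these fields presumably end up in page output, their safety rests entirely on what the white list allows, which is not visible in this diff. A test asserting that `<script>` elements and `on*` attributes are removed from `custom_header` and `custom_footer` would document that contract. The class continues outside the hunk.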