diff --git a/app/models/article.rb b/app/models/article.rb
index a7d2cba..6c65a7b 100644
--- a/app/models/article.rb
+++ b/app/models/article.rb
@@ -348,7 +348,11 @@ class Article < ActiveRecord::Base
 
   def sanitize_tag_list
     sanitizer = HTML::FullSanitizer.new
-    self.tag_list.names.map!{|i| sanitizer.sanitize(i) }
+    self.tag_list.names.map!{|i| strip_tag_name sanitizer.sanitize(i) }
+  end
+
+  def strip_tag_name(tag_name)
+    tag_name.gsub(/[<>]/, '')
   end
 
 end
diff --git a/db/migrate/20100413231206_strip_html_from_tag_names.rb b/db/migrate/20100413231206_strip_html_from_tag_names.rb
new file mode 100644
index 0000000..cee1176
--- /dev/null
+++ b/db/migrate/20100413231206_strip_html_from_tag_names.rb
@@ -0,0 +1,12 @@
+class StripHtmlFromTagNames < ActiveRecord::Migration
+  def self.up
+    Tag.all(:conditions => "name LIKE '%<%' OR name LIKE '%>%'").each do |tag|
+      tag.name = tag.name.gsub(/[<>]/, '')
+      tag.save
+    end
+  end
+
+  def self.down
+    say "WARNING: cannot undo this migration"
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index cf48f6c..499b154 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -9,7 +9,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20100326171758) do
+ActiveRecord::Schema.define(:version => 20100413231206) do
 
   create_table "article_versions", :force => true do |t|
     t.integer  "article_id"
diff --git a/test/unit/article_test.rb b/test/unit/article_test.rb
index a7288ad..0f6859c 100644
--- a/test/unit/article_test.rb
+++ b/test/unit/article_test.rb
@@ -842,4 +842,21 @@ class ArticleTest < Test::Unit::TestCase
 
     assert_equal [ published ], profile.articles.published
   end
+
+  should 'sanitize tags after save article' do
+    article = fast_create(Article, :slug => 'article-with-tags', :profile_id => profile.id)
+    article.tags << Tag.new(:name => "TV Web w<script type='javascript'></script>")
+    assert_match /[<>]/, article.tags.last.name
+    article.save!
+    assert_no_match /[<>]/, article.tags.last.name
+  end
+
+  should 'strip HTML from tag names after save article' do
+    article = fast_create(Article, :slug => 'article-with-tags', :profile_id => profile.id)
+    article.tags << Tag.new(:name => "TV Web w<script type=...")
+    assert_match /</, article.tags.last.name
+    article.save!
+    assert_no_match /</, article.tags.last.name
+  end
+
 end
--
libgit2 0.21.2