HTML Escaping input text

There is a bug when a user types a string with characters like `"` and possibly others. The input value typed doesn't get selected or doesn't display correctly. It is possible there is a XXS vulnerability since we are trusting text input values currently as well.
