I am using Facebooker for Facebook Connect with Rails 2.3.5 with the rails_xss plugin, which escapes HTML by default unless you use raw. I recently started seeing exceptions that looked like this: The top of the HTML contains a &...