diff --git a/applications/common/utils/validate.py b/applications/common/utils/validate.py
index 882baf58a7e834c9a0d1a0dacb4fa1b7e1d182f5..acad154f776a0ce25c3f50ef10bc600da61d5e3e 100644
--- a/applications/common/utils/validate.py
+++ b/applications/common/utils/validate.py
@@ -2,7 +2,15 @@
 import validators
 from markupsafe import escape
 from validators import validator
+import html
 
+def xss_escape(s):
+    """
+    XSS防护
+    """
+    if s is None:
+        return None
+    return html.escape(str(s))
 
 def str_escape(s):
     if not s: