diff --git a/templates/default/room/index.html.twig b/templates/default/room/index.html.twig
index 26508bb..f26d097 100644
--- a/templates/default/room/index.html.twig
+++ b/templates/default/room/index.html.twig
@@ -34,13 +34,16 @@
                             </svg>
                         </span>
                     {% endif %}
-                    {# markdown filter enabled could deanon chat users by external image request, disabled
                     <br />
-                    {{ post.message | message_to_markdown | markdown_to_html }}
-                    #}
-                    <p>
-                        {{ post.message | trim | nl2br }}
-                    </p>
+                    {# apply markdown whitelist filters only to prevent ping from remote includes #}
+                    {{
+                        post.message | trim
+                                     | striptags
+                                     | markdown_to_html
+                                     | striptags
+                                     | message_to_markdown
+                                     | markdown_to_html
+                    }}
                 </li>
             {% endfor %}
         </ul>