diff --git a/app/pages/legal.js b/app/pages/legal.js
index af196ab9..3b92b4d1 100644
--- a/app/pages/legal.js
+++ b/app/pages/legal.js
@@ -1,4 +1,5 @@
 const html = require('choo/html');
+const raw = require('choo/html/raw');
 
 function replaceLinks(str, urls) {
   let i = -1;
@@ -6,7 +7,7 @@ function replaceLinks(str, urls) {
     i++;
     return `<a href="${urls[i]}">${v}</a>`;
   });
-  return [`<div class="description">${s}</div>`];
+  return `<div class="description">${s}</div>`;
 }
 
 module.exports = function(state) {
@@ -14,14 +15,14 @@ module.exports = function(state) {
     <div id="page-one">
       <div id="legal">
         <div class="title">${state.translate('legalHeader')}</div>
-          ${html(
+          ${raw(
             replaceLinks(state.translate('legalNoticeTestPilot'), [
               'https://testpilot.firefox.com/terms',
               'https://testpilot.firefox.com/privacy',
               'https://testpilot.firefox.com/experiments/send'
             ])
           )}
-          ${html(
+          ${raw(
             replaceLinks(state.translate('legalNoticeMozilla'), [
               'https://www.mozilla.org/privacy/websites/',
               'https://www.mozilla.org/about/legal/terms/mozilla/'
diff --git a/app/pages/share.js b/app/pages/share.js
index 5fa8b127..aa16a8e5 100644
--- a/app/pages/share.js
+++ b/app/pages/share.js
@@ -1,5 +1,6 @@
 /* global EXPIRE_SECONDS */
 const html = require('choo/html');
+const raw = require('choo/html/raw');
 const assets = require('../../common/assets');
 const notFound = require('./notFound');
 const uploadPasswordSet = require('../templates/uploadPasswordSet');
@@ -9,12 +10,12 @@ const { allowedCopy, delay, fadeOut } = require('../utils');
 
 function expireInfo(file, translate, emit) {
   const hours = Math.floor(EXPIRE_SECONDS / 60 / 60);
-  const el = html([
-    `<div>${translate('expireInfo', {
+  const el = html`<div>${raw(
+    translate('expireInfo', {
       downloadCount: '<select></select>',
       timespan: translate('timespanHours', { num: hours })
-    })}</div>`
-  ]);
+    })
+  )}</div>`;
   const select = el.querySelector('select');
   const options = [1, 2, 3, 4, 5, 20].filter(i => i > (file.dtotal || 0));
   const t = num => translate('downloadCount', { num });
diff --git a/app/templates/uploadPasswordSet.js b/app/templates/uploadPasswordSet.js
index acff383e..9e86e25a 100644
--- a/app/templates/uploadPasswordSet.js
+++ b/app/templates/uploadPasswordSet.js
@@ -1,4 +1,5 @@
 const html = require('choo/html');
+const raw = require('choo/html/raw');
 
 module.exports = function(state, emit) {
   const file = state.storage.getFileById(state.params.id);
@@ -30,12 +31,12 @@ module.exports = function(state, emit) {
 
   function passwordSpan(password) {
     password = password || '●●●●●';
-    const span = html([
-      `<span>${state.translate('passwordResult', {
+    const span = html`<span>${raw(
+      state.translate('passwordResult', {
         password:
           '<pre class="passwordOriginal"></pre><pre class="passwordMask"></pre>'
-      })}</span>`
-    ]);
+      })
+    )}</span>`;
     const og = span.querySelector('.passwordOriginal');
     const masked = span.querySelector('.passwordMask');
     og.textContent = password;