diff --git a/middleman-core/lib/middleman-core/rack.rb b/middleman-core/lib/middleman-core/rack.rb
index 390728b4..cf241d9f 100644
--- a/middleman-core/lib/middleman-core/rack.rb
+++ b/middleman-core/lib/middleman-core/rack.rb
@@ -2,6 +2,7 @@ require 'rack'
 require 'rack/file'
 require 'rack/lint'
 require 'rack/head'
+require 'rack/utils'
 
 require 'middleman-core/util'
 require 'middleman-core/logger'
@@ -124,6 +125,7 @@ module Middleman
 
     # Halt request and return 404
     def not_found(res, path)
+      path = ::Rack::Utils::escape_html(path)
       res.status = 404
       res.write "<html><head></head><body><h1>File Not Found</h1><p>#{path}</p></body></html>"
       res.finish