diff --git a/src/posts/diffs.js b/src/posts/diffs.js
index ac79565ee3..33a17444ee 100644
--- a/src/posts/diffs.js
+++ b/src/posts/diffs.js
@@ -88,7 +88,7 @@ module.exports = function (Posts) {
 getValidatedTimestamp(timestamp);
 const [post, diffs, timestamps] = await Promise.all([
- Posts.getPostSummaryByPids([pid], uid, { parse: false }),
+ Posts.getPostSummaryByPids([pid], uid, { parse: false, escape: true }),
 Diffs.get(pid),
 Diffs.list(pid),
 ]);
@@ -133,7 +133,7 @@ module.exports = function (Posts) {
 async function postDiffLoad(pid, since, uid) {
 // Retrieves all diffs made since `since` and replays them to reconstruct what the post looked like at `since`
 const [post, diffs] = await Promise.all([
- Posts.getPostSummaryByPids([pid], uid, { parse: false }),
+ Posts.getPostSummaryByPids([pid], uid, { parse: false, escape: true }),
 Posts.diffs.get(pid, since),
 ]);
diff --git a/src/posts/summary.js b/src/posts/summary.js
index fc39428c83..89e6087036 100644
--- a/src/posts/summary.js
+++ b/src/posts/summary.js
@@ -19,6 +19,7 @@ module.exports = function (Posts) {
 options.stripTags = options.hasOwnProperty('stripTags') ? options.stripTags : false;
 options.parse = options.hasOwnProperty('parse') ? options.parse : true;
+ options.escape = options.hasOwnProperty('escape') ? options.escape : false;
 options.extraFields = options.hasOwnProperty('extraFields') ? options.extraFields : [];
 const fields = ['pid', 'tid', 'toPid', 'url', 'content', 'uid', 'timestamp', 'deleted', 'upvotes', 'downvotes', 'replies', 'handle'].concat(options.extraFields);
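Review bot: The `escape: true` added to the `Posts.getPostSummaryByPids` call in this hunk, and to the same call in `postDiffLoad` in the next hunk, is now what HTML-escapes the unparsed post content, and neither call site says so. A one-line comment above each call, such as `// parse: false returns unparsed content; escape: true is what HTML-escapes it now`, would keep a later cleanup from dropping the flag as redundant. The function enclosing this hunk starts and ends outside the visible lines, so how `post` is used after the `Promise.all` cannot be checked from here.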
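Review bot: Defaulting `options.escape` to `false` on the added line changes what any caller passing `{ parse: false }` without the new flag receives. The lines removed from `parsePosts` in the following hunk escaped the content whenever `parse` was false, so after this commit such callers get it unescaped. Only the two call sites in `src/posts/diffs.js` are updated in this diff; whether other `parse: false` callers exist is not visible here and should be checked. A default that preserves the old behaviour fails safe: `options.escape = options.hasOwnProperty('escape') ? options.escape : !options.parse;`, with callers that want raw text passing `escape: false` explicitly. The enclosing function begins above this hunk.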
@@ -73,14 +74,19 @@ module.exports = function (Posts) {
 async function parsePosts(posts, options) {
 return await Promise.all(posts.map(async (post) => {
- if (!post.content || !options.parse) {
- post.content = post.content ? validator.escape(String(post.content)) : post.content;
+ if (!post.content) {
 return post;
 }
- post = await Posts.parsePost(post);
+ if (options.parse) {
+ post = await Posts.parsePost(post);
+ }
 if (options.stripTags) {
 post.content = stripTags(post.content);
 }
+ if (options.escape) {
+ post.content = post.content ? validator.escape(String(post.content)) : post.content;
+ }
+
 return post;
 }));
 }
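Review bot: `parsePosts` now applies up to three transforms in a fixed order (parse, then `stripTags`, then escape), and nothing documents which option combinations are intended. With `parse: true` and `escape: true`, the new escape branch would encode whatever markup `Posts.parsePost` produced (presumably rendered HTML). With `parse: false` and `stripTags: true`, tag stripping now runs on unparsed content, which the removed early return used to skip. A short doc comment on `parsePosts` would make the contract explicit: `escape` is meant for unparsed content and runs last, after `stripTags`.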