diff --git a/apiserver/apiserver/api/serializers.py b/apiserver/apiserver/api/serializers.py
index e131037..47d6bd5 100644
--- a/apiserver/apiserver/api/serializers.py
+++ b/apiserver/apiserver/api/serializers.py
@@ -7,6 +7,7 @@ from rest_auth.registration.serializers import RegisterSerializer
 from rest_auth.serializers import UserDetailsSerializer
 from uuid import uuid4
 from PIL import Image
+from bleach.sanitizer import Cleaner
 from . import models, old_models
@@ -44,12 +45,37 @@ def process_image(upload):
 return small, medium, large
+
+ALLOWED_TAGS = [
+ 'h3',
+ 'p',
+ 'br',
+ 'strong',
+ 'em',
+ 'u',
+ 'code',
+ 'ol',
+ 'li',
+ 'ul',
+ 'a',
+ ]
+
+clean = Cleaner(tags=ALLOWED_TAGS).clean
+
+
+
+
+
 class UserEmailField(serializers.ModelField):
 def to_representation(self, obj):
 return getattr(obj.user, 'email', obj.old_email)
 def to_internal_value(self, data):
 return serializers.EmailField().run_validation(data)
+class HTMLField(serializers.CharField):
+ def to_internal_value(self, data):
+ data = clean(data)
+ return super().to_internal_value(data)
@@ -221,14 +247,13 @@ class SessionListSerializer(SessionSerializer):
 class CourseSerializer(serializers.ModelSerializer):
 name = serializers.CharField()
- description = serializers.CharField(write_only=True)
 class Meta:
 model = models.Course
- fields = ['id', 'name', 'description']
+ fields = ['id', 'name']
 class CourseDetailSerializer(serializers.ModelSerializer):
 sessions = SessionListSerializer(many=True, read_only=True)
-
+ description = HTMLField()
 class Meta:
 model = models.Course
 fields = '__all__'
diff --git a/apiserver/requirements.txt b/apiserver/requirements.txt
index ed354f8..d6b3173 100644
--- a/apiserver/requirements.txt
+++ b/apiserver/requirements.txt
@@ -1,5 +1,6 @@
 argon2-cffi==19.2.0
 asgiref==3.2.3
+bleach==3.1.0
 certifi==2019.11.28
 cffi==1.13.2
 chardet==3.0.4
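Review bot: In `HTMLField.to_internal_value`, `clean(data)` runs before `super().to_internal_value(data)`, so a non-string JSON value for `description` (a number, list or object) reaches bleach ahead of DRF's type check; `Cleaner.clean` raises `TypeError` on non-text input, which surfaces as a 500 instead of the 400 `invalid` error that `CharField` would return. Swap the order, `value = super().to_internal_value(data)` then `return clean(value)`, so DRF validates and coerces first and bleach only ever sees a `str`. `Cleaner(tags=ALLOWED_TAGS)` leans on bleach's default `attributes` and `protocols` for the `a` tag; pass them explicitly so that widening `ALLOWED_TAGS` later cannot silently widen the attributes that survive, and add a comment noting that with the default `strip=False` disallowed markup is escaped into visible text rather than removed, which is a product choice reviewers should see. Sanitizing on write protects only new submissions, so rows written through the old plain `CharField` are presumably unsanitized until re-saved — confirm whether `to_representation` also needs cleaning or a one-off data migration. bleach is pinned at 3.1.0 in requirements.txt in this same commit and is now the XSS boundary for this field, so that pin should track upstream sanitizer fixes rather than stay frozen.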
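Review bot: Declaring `description = HTMLField()` explicitly on `CourseDetailSerializer` means DRF no longer derives the field's options from the model, so any `blank=True`, `null=True` or `max_length` on `Course.description` (not visible here) stops being enforced and the field becomes required and non-blank by default, whereas the previous `fields = '__all__'` auto-generated it with those options. If the model allows empty descriptions, mirror it with `description = HTMLField(required=False, allow_blank=True)` and pass `max_length` if the model sets one. A one-line comment on the field, e.g. `# description accepts limited HTML; sanitized with bleach on write (see ALLOWED_TAGS)`, would also explain why the detail serializer diverges from `CourseSerializer`, which nothing at this site currently does.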
@@ -11,6 +12,7 @@ djangorestframework==3.11.0
 fuzzywuzzy==0.17.0
 idna==2.8
 oauthlib==3.1.0
+Pillow==7.0.0
 pkg-resources==0.0.0
 pycparser==2.19
 python-Levenshtein==0.12.0
@@ -21,3 +23,4 @@ requests-oauthlib==1.3.0
 six==1.13.0
 sqlparse==0.3.0
 urllib3==1.25.7
+webencodings==0.5.1