diff --git a/src/Fast404.php b/src/Fast404.php
index 389e014..be1d8cc 100644
--- a/src/Fast404.php
+++ b/src/Fast404.php
@@ -3,6 +3,7 @@
 namespace Drupal\fast404;

 use Drupal\Component\Render\FormattableMarkup;
+use Drupal\Component\Utility\UrlHelper;
 use Drupal\Core\Database\Database;
 use Drupal\Core\Site\Settings;
 use Drupal\Core\StreamWrapper\AssetsStream;
@@ -274,12 +275,12 @@ class Fast404 {
 $headers = [
 Settings::get('fast404_HTTP_status_method', 'mod_php') === 'FastCGI' ? 'Status:' : 'HTTP/1.0' => $return_gone ? '410 Gone' : '404 Not Found',
 ];
- $response = new Response(new FormattableMarkup($message, ['@path' => $this->request->getPathInfo()]), $return_gone ? 410 : 404, $headers);
+ $response = new Response(new FormattableMarkup($message, ['@path' => UrlHelper::stripDangerousProtocols($this->request->getPathInfo())]), $return_gone ? 410 : 404, $headers);
 if ($return) {
 return $response;
 }
 $response->send();
- throw new ServiceUnavailableHttpException(3, 'The requested URL "@path" was not found on this server. Try again shortly.', ['@path' => $this->request->getPathInfo()]);
+ throw new ServiceUnavailableHttpException(3, 'The requested URL "' . UrlHelper::stripDangerousProtocols($this->request->getPathInfo()) . '" was not found on this server. Try again shortly.');
 }

 /**
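Review bot: On the new `throw` line the request path is concatenated into the exception message after `UrlHelper::stripDangerousProtocols()` only, and that helper returns plain text, not HTML-escaped text, so request-controlled characters reach the message unescaped. The `Response` line above still gets escaping from the `@path` placeholder of `FormattableMarkup` (assuming `$message` uses it), but the exception message has no such layer, and whether it is later rendered as HTML or written to a log is not visible in this hunk. I would escape at the point of concatenation, `'The requested URL "' . Html::escape($this->request->getPathInfo()) . '" was not found on this server. Try again shortly.'` with `use Drupal\Component\Utility\Html;` added next to the new import, or leave the path out of the message altogether. The enclosing method starts above the hunk, so how `$message` and `$return_gone` are built was not reviewed.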