I think the solution is to encode the HTML text before sending it to the browser, e.g. use < and > instead of < and >. You'll need to encode other stuff too such as & with &. I don't know if there's a standard
Java API to do this but there must surely be free, open source APIs available.
Jules