diff --git a/trace.go b/trace.go
index 1e0a45f..b07cfa0 100644
--- a/trace.go
+++ b/trace.go
@@ -557,12 +557,16 @@ func wrapProxy(err error) Error {
 }
 }
+// htmlEscaper matches the escaping done in [html/template] for text and quoted
+// attributes, which is slightly more than what [html.EscapeString] does.
 var htmlEscaper = strings.NewReplacer(
+ "\x00", "\uFFFD",
+ `"`, """, // """ is shorter than """.
 `&`, "&",
 `'`, "'", // "'" is shorter than "'" and apos was not in HTML until HTML5.
+ `+`, "+",
 `<`, "<",
 `>`, ">",
- `"`, """, // """ is shorter than """.
 )
 // DebugReport formats the underlying error for display
diff --git a/trace_test.go b/trace_test.go
index eed9ffe..a23a6c2 100644
--- a/trace_test.go
+++ b/trace_test.go
@@ -195,7 +195,7 @@ func TestProxyErrorDebugReport(t *testing.T) {
 err: proxyError{
 TraceErr: &TraceErr{
 Err: &TraceErr{
- Err: &BadParameterError{Message: `a < b & c > d "e"`},
+ Err: &BadParameterError{Message: `a < b & c > d "e" + '` + "\x00" + `'`},
 Traces: innerTraces,
 Fields: map[string]interface{}{"k"},
 Messages: []string{``},
@@ -258,7 +258,7 @@ func TestTraceErrDebugReport(t *testing.T) {
 {
 name: "html special characters",
 err: &TraceErr{
- Err: &BadParameterError{Message: `a < b & c > d "e"`},
+ Err: &BadParameterError{Message: `a < b & c > d "e" + '` + "\x00" + `'`},
 Traces: traces,
 Fields: map[string]interface{}{"k"},
 Messages: []string{``},
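Review bot: The new doc comment on `htmlEscaper` names the html/template mode the table copies but does not say where the escaped output may be placed, which is the constraint a later caller needs. This replacement set is sufficient only for element text and quoted attribute values; html/template uses a stricter table for unquoted attributes and separate escapers for URL, script and style contexts. I would add a line such as `// The result is safe only in element text and quoted attribute values, not in unquoted attributes, URLs, <script> or <style>.` Since the table is hand-copied, a short pointer to its source in html/template would also help keep it in sync. The DebugReport code that consumes the escaper is outside this hunk, so its actual output context is not confirmed here.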
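Review bot: The extended `Message` literal is written out twice, in the TestProxyErrorDebugReport hunk and again in the TestTraceErrDebugReport hunk, so the two inputs can drift from each other and from the `htmlEscaper` table they are meant to exercise. A shared constant such as `const htmlSpecials = "a < b & c > d \"e\" + '\x00'"` used at both sites would keep them aligned and reads more easily than the raw-string concatenation around the NUL byte. Both test functions continue outside the hunks, and the expected output is not visible, so whether it asserts the escaped forms of the plus sign, the single quote and NUL cannot be confirmed from here.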