diff --git a/addons/account/edi/invoice_action_data.xml b/addons/account/edi/invoice_action_data.xml
index c4b0c8103f1..bdb08d66cfe 100644
--- a/addons/account/edi/invoice_action_data.xml
+++ b/addons/account/edi/invoice_action_data.xml
@@ -22,8 +22,8 @@
         <!--Email template -->
         <record id="email_template_edi_invoice" model="email.template">
             <field name="name">Invoice - Send by Email</field>
-            <field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'}</field>
-            <field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a' })</field>
+            <field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'|safe}</field>
+            <field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a'})</field>
             <field name="email_recipients">${object.partner_id.id}</field>
             <field name="model_id" ref="account.model_account_invoice"/>
             <field name="auto_delete" eval="True"/>
@@ -33,7 +33,7 @@
             <field name="body_html"><![CDATA[
 <div style="font-family: 'Lucica Grande', Ubuntu, Arial, Verdana, sans-serif; font-size: 12px; color: rgb(34, 34, 34); background-color: #FFF; ">
 
-    <p>Hello${object.partner_id.name and ' ' or ''}${object.partner_id.name or ''},</p>
+    <p>Hello ${object.partner_id.name or ''},</p>
 
     <p>A new invoice is available for you: </p>
     
@@ -46,24 +46,32 @@
        &nbsp;&nbsp;Order reference: ${object.origin}<br />
        % endif
        % if object.user_id:
-       &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''}?subject=Invoice%20${object.number}">${object.user_id.name}</a>
+       &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''|safe}?subject=Invoice%20${object.number}">${object.user_id.name}</a>
        % endif
     </p>  
     
     % if object.company_id.paypal_account and object.type in ('out_invoice'):
-    <% 
-    comp_name = quote(object.company_id.name)
-    inv_number = quote(object.number)
-    paypal_account = quote(object.company_id.paypal_account)
-    inv_amount = quote(str(object.residual))
-    cur_name = quote(object.currency_id.name)
-    paypal_url = "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&amp;business=%s&amp;item_name=%s%%20Invoice%%20%s&amp;" \
-                 "invoice=%s&amp;amount=%s&amp;currency_code=%s&amp;button_subtype=services&amp;no_note=1&amp;bn=OpenERP_Invoice_PayNow_%s" % \
-                 (paypal_account,comp_name,inv_number,inv_number,inv_amount,cur_name,cur_name)
+    <% set paypal_url = (
+            "https://www.paypal.com/cgi-bin/webscr?cmd=_xclick"
+            "&amp;business=%(paypal_account)s"
+            "&amp;item_name=%(company_name)s%%20Invoice%%20%(inv)s"
+            "&amp;invoice=%(inv)s"
+            "&amp;amount=%(amount)s"
+            "&amp;currency_code=%(currency)s"
+            "&amp;button_subtype=services"
+            "&amp;no_note=1"
+            "&amp;bn=OpenERP_Invoice_PayNow_%(currency)s"
+            % {
+                'paypal_account': quote(object.company_id.paypal_account),
+                'company_name': quote(object.company_id.name),
+                'inv': quote(object.number),
+                'amount': quote(str(object.residual)),
+                'currency': quote(object.currency_id.name),
+            })
     %>
     <br/>
     <p>It is also possible to directly pay with Paypal:</p>
-        <a style="margin-left: 120px;" href="${paypal_url}">
+        <a style="margin-left: 120px;" href="${paypal_url|safe}">
             <img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/>
         </a>
     % endif
@@ -99,7 +107,7 @@
         % endif
         % if object.company_id.website:
             <div>
-                Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
+                Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a>
             </div>
         %endif
         <p></p>
diff --git a/addons/email_template/email_template.py b/addons/email_template/email_template.py
index 826b82186e4..e4cbc20f8f6 100644
--- a/addons/email_template/email_template.py
+++ b/addons/email_template/email_template.py
@@ -53,6 +53,10 @@ try:
         trim_blocks=True,               # do not output newline after blocks
         autoescape=True,                # XML/HTML automatic escaping
     )
+    mako_template_env.globals.update({
+        'str': str,
+        'quote': quote,
+    })
 except ImportError:
     _logger.warning("jinja2 not available, templating features will not work!")
 
@@ -89,7 +93,6 @@ class email_template(osv.osv):
                 'object': record,
                 'user': user,
                 'ctx': context,     # context kw would clash with mako internals
-                'quote': quote,
             }
             result = mako_template_env.from_string(template).render(variables)
             if result == u"False":