diff --git a/app.js b/app.js
index 1c3d416..b58cf8d 100644
--- a/app.js
+++ b/app.js
@@ -1,5 +1,6 @@
 let fs = require('fs'),
     path = require('path');
+const serializejs = require('serialize-javascript');
 
 const commandLineArgs = require('command-line-args');
 const optionDefinitions = [
@@ -52,6 +53,7 @@ global.syzoj = {
 
     // Use cookie parser
     app.use(require('cookie-parser')());
+    app.locals.serializejs = serializejs;
 
     let multer = require('multer');
     app.multer = multer({ dest: syzoj.utils.resolvePath(syzoj.config.upload_dir, 'tmp') });
diff --git a/package.json b/package.json
index 3802959..d32594a 100644
--- a/package.json
+++ b/package.json
@@ -43,12 +43,12 @@
     "jsondiffpatch": "0.2.5",
     "jsonwebtoken": "^8.4.0",
     "katex": "^0.10.0",
+    "mariadb": "^2.0.2-rc",
     "mathjax-node": "^2.1.1",
     "moemark": "^0.3.10",
-    "moment": "^2.23.0",
+    "moment": "^2.24.0",
     "msgpack-lite": "^0.1.26",
     "multer": "^1.2.0",
-    "mariadb": "^2.0.2-rc",
     "node-7z": "^0.4.0",
     "nodemailer": "^4.7.0",
     "object-assign-deep": "^0.4.0",
@@ -58,6 +58,7 @@
     "request-promise": "^4.1.1",
     "sendmail": "^1.1.1",
     "sequelize": "^5.0.0-beta.15",
+    "serialize-javascript": "^1.6.1",
     "session-file-store": "^1.0.0",
     "socket.io": "^2.2.0",
     "stream-to-string": "^1.1.0",
diff --git a/views/admin_links.ejs b/views/admin_links.ejs
index 4fb8e51..14480a3 100644
--- a/views/admin_links.ejs
+++ b/views/admin_links.ejs
@@ -62,7 +62,7 @@ this.adminPage = 'links';
 </form>
 
 <script>
-var links = <%- JSON.stringify(links) %>;
+var links = <%- serializejs(links) %>;
 $('.remove_link').click(function () {
   links.splice($(this).data('id'), 1);
   $('#submit_data').val(JSON.stringify(links));
diff --git a/views/admin_raw.ejs b/views/admin_raw.ejs
index 6e41a60..da69c29 100644
--- a/views/admin_raw.ejs
+++ b/views/admin_raw.ejs
@@ -3,7 +3,7 @@
 <form method="post" class="ui form">
 
 <div id="editor" style="border: 1px solid #D4D4D5; height: 500px; margin-bottom: 20px; "></div>
-<script>$('#editor').text(<%- JSON.stringify(data) %>)</script>
+<script>$('#editor').text(<%- serializejs(data) %>)</script>
 <input type="hidden" name="data">
 
 <script src="<%- lib('ace/1.4.2/ace.js') %>"></script>
diff --git a/views/forget_confirm.ejs b/views/forget_confirm.ejs
index ba01a5e..e48d26d 100644
--- a/views/forget_confirm.ejs
+++ b/views/forget_confirm.ejs
@@ -50,7 +50,7 @@ function submitForm() {
         url: "/api/reset_password",
         type: 'POST',
         data: {
-            "token": <%- JSON.stringify(token) %>,
+            "token": <%- serializejs(token) %>,
             "password": password
         },
         async: true,
diff --git a/views/index.ejs b/views/index.ejs
index e31aa09..be4351c 100644
--- a/views/index.ejs
+++ b/views/index.ejs
@@ -56,7 +56,7 @@
                     <td style="font-content">
                       <script id="user-infomation-script-<%= i %>">
                       (function () {
-                        var html = <%- JSON.stringify(user.information) %>;
+                        var html = <%- serializejs(user.information) %>;
                         var elem = document.createElement('div');
                         elem.style = 'overflow: hidden; width: 100%; position: relative; ';
                         elem.style.maxHeight = lineHeight + 'px';
diff --git a/views/login.ejs b/views/login.ejs
index 0d78f75..416ac89 100644
--- a/views/login.ejs
+++ b/views/login.ejs
@@ -50,7 +50,7 @@ function show_error(error) {
     $("#error").show();
 }
 function success(session_id) {
-    window.location.href = location.protocol + '//' + location.host + <%- JSON.stringify(req.query.url || '/') %>;
+    window.location.href = location.protocol + '//' + location.host + <%- serializejs(req.query.url || '/') %>;
 }
 function login() {
     password = md5($("#password").val() + "syzoj2_xxx");
diff --git a/views/problem.ejs b/views/problem.ejs
index da0e687..0655a62 100644
--- a/views/problem.ejs
+++ b/views/problem.ejs
@@ -237,7 +237,7 @@ div[class*=ace_br] {
               }
               %>
               <script>
-              var cases = <%- JSON.stringify(cases) %>, currCase = 0;
+              var cases = <%- serializejs(cases) %>, currCase = 0;
               </script>
               <div class="ui grid">
                 <% if (testcases) { %>
@@ -325,7 +325,7 @@ div[class*=ace_br] {
                 </div>
                 <div class="twelve wide stretched column" style="padding-left: 0; margin-left: calc(-1rem - 1px); width: calc(75% + 1rem + 1px + 25px) !important; ">
                   <div id="editor" style="border: 1px solid #D4D4D5; "></div>
-                  <% if (state) { %><script>$('#editor').text(<%- JSON.stringify(state.code) %>)</script><% } %>
+                  <% if (state) { %><script>$('#editor').text(<%- serializejs(state.code) %>)</script><% } %>
                 </div>
                 <div class="inline fields" style="width: 100%; ">
                 <div class="field" style="margin: 0 auto; ">
diff --git a/views/problem_data.ejs b/views/problem_data.ejs
index 291ef10..1e98f6e 100644
--- a/views/problem_data.ejs
+++ b/views/problem_data.ejs
@@ -145,7 +145,7 @@ function getIcon(filename) {
         </div>
         <script>
         function check_replace() {
-          var old_files = <%- JSON.stringify((testdata && testdata.files ? testdata.files : []).map(function(x) { return x.filename; })) %>;
+          var old_files = <%- serializejs((testdata && testdata.files ? testdata.files : []).map(function(x) { return x.filename; })) %>;
           var replaced_files = Array.prototype.slice.call($('#upload_file')[0].files).map(function (x) { return x.name; }).filter(function (x) { return old_files.includes(x); });
           var s = '';
           for (let file of replaced_files) s += '<samp>' + file + '</samp><br>';
diff --git a/views/ranklist.ejs b/views/ranklist.ejs
index 0f0aa2f..ccb3285 100644
--- a/views/ranklist.ejs
+++ b/views/ranklist.ejs
@@ -42,7 +42,7 @@
 		        	<td class="font-content">
               <script id="user-infomation-script-<%= i %>">
               (function () {
-                var html = <%- JSON.stringify(user.information) %>;
+                var html = <%- serializejs(user.information) %>;
                 var elem = document.createElement('div');
                 elem.style = 'overflow: hidden; width: 100%; position: relative; ';
                 elem.style.maxHeight = lineHeight + 'px';
diff --git a/views/sign_up.ejs b/views/sign_up.ejs
index 30ee340..b236fae 100644
--- a/views/sign_up.ejs
+++ b/views/sign_up.ejs
@@ -37,7 +37,7 @@ function show_error(error) {
 
 function success() {
     alert("注册成功！");
-    window.location.href = location.protocol + '//' + location.host + <%- JSON.stringify(req.query.url || '/') %>;
+    window.location.href = location.protocol + '//' + location.host + <%- serializejs(req.query.url || '/') %>;
 }
 
 function mail_required() {
@@ -63,7 +63,7 @@ function submit() {
           username: $("#username").val(),
           password: password,
           email: $("#email").val(),
-          prevUrl: <%- JSON.stringify(req.query.url || '/') %>
+          prevUrl: <%- serializejs(req.query.url || '/') %>
         },
         success: function(data) {
             error_code = data.error_code;
diff --git a/views/statistics.ejs b/views/statistics.ejs
index 1fd54a7..05d2481 100644
--- a/views/statistics.ejs
+++ b/views/statistics.ejs
@@ -103,7 +103,7 @@ function getColorOfScore(score) {
   <script type="text/javascript">
   new Morris.Bar({
   	element: 'score-distribution-chart',
-  	data: <%- JSON.stringify(statistics.scoreDistribution) %>,
+  	data: <%- serializejs(statistics.scoreDistribution) %>,
   	barColors: function(r, s, type) {
   		return getColorOfScore(r.label);
   	},
@@ -129,7 +129,7 @@ function getColorOfScore(score) {
   %>
   new Morris.Line({
   	element: 'score-distribution-chart-pre',
-    data: <%- JSON.stringify(statistics.prefixSum) %>,
+    data: <%- serializejs(statistics.prefixSum) %>,
   	xkey: 'score',
   	ykeys: ['count'],
   	labels: ['number'],
@@ -161,7 +161,7 @@ function getColorOfScore(score) {
   %>
   new Morris.Line({
   	element: 'score-distribution-chart-suf',
-    data: <%- JSON.stringify(statistics.suffixSum) %>,
+    data: <%- serializejs(statistics.suffixSum) %>,
   	xkey: 'score',
   	ykeys: ['count'],
   	labels: ['number'],
diff --git a/views/submission.ejs b/views/submission.ejs
index e3fa240..2dc657a 100644
--- a/views/submission.ejs
+++ b/views/submission.ejs
@@ -149,8 +149,8 @@ Vue.component("code-box", {
     props: ['title', 'content', 'escape']
 });
 const socketUrl = "/detail";
-const displayConfig = <%- JSON.stringify(displayConfig) %>;
-const token = <%- JSON.stringify(socketToken) %>;
+const displayConfig = <%- serializejs(displayConfig) %>;
+const token = <%- serializejs(socketToken) %>;
 
 const TestcaseResultType = {};
 (function (TestcaseResultType) {
@@ -187,8 +187,8 @@ const TaskStatus = {};
     TaskStatus[TaskStatus["Skipped"] = 4] = "Skipped";
 })(TaskStatus);
 
-const unformattedCode = <%- JSON.stringify(code) %>;
-const formattedCode = <%- JSON.stringify(formattedCode) %>;
+const unformattedCode = <%- serializejs(code) %>;
+const formattedCode = <%- serializejs(formattedCode) %>;
 
 function toggleFormattedCode() {
   if (vueApp.currentFormatted) {
@@ -204,14 +204,14 @@ const vueApp = new Vue({
   el: '#vueAppFuckSafari',
   data: {
     roughData: {
-      info: <%- JSON.stringify(info) %>,
-      result: <%- JSON.stringify(roughResult) %>,
+      info: <%- serializejs(info) %>,
+      result: <%- serializejs(roughResult) %>,
       running: false,
       displayConfig: displayConfig
     },
-    code: <%- JSON.stringify(preferFormattedCode && formattedCode !== null) -%> ? formattedCode : unformattedCode,
-    currentFormatted: <%- JSON.stringify(preferFormattedCode && formattedCode !== null) -%>,
-    detailResult: <%- JSON.stringify(detailResult) %>,
+    code: <%- serializejs(preferFormattedCode && formattedCode !== null) -%> ? formattedCode : unformattedCode,
+    currentFormatted: <%- serializejs(preferFormattedCode && formattedCode !== null) -%>,
+    detailResult: <%- serializejs(detailResult) %>,
     displayConfig: displayConfig,
   },
   computed: {
diff --git a/views/submissions.ejs b/views/submissions.ejs
index f0f00bb..cc16b77 100644
--- a/views/submissions.ejs
+++ b/views/submissions.ejs
@@ -74,7 +74,7 @@
       <script>
       $(function () {
         $('#my_submit').click(function () {
-          $('[name=submitter]').val(<%- JSON.stringify(user.username) %>);
+          $('[name=submitter]').val(<%- serializejs(user.username) %>);
           $('#form').submit();
         });
       });
@@ -129,9 +129,9 @@ $(function () {
   $('#select_language').dropdown();
   $('#select_status').dropdown();
 });
-const itemList = <%- JSON.stringify(items) %>;
+const itemList = <%- serializejs(items) %>;
 const socketUrl = "/rough";
-const displayConfig = <%- JSON.stringify(displayConfig) %>;
+const displayConfig = <%- serializejs(displayConfig) %>;
 
 const vueApp = new Vue({
   el: '#vueAppFuckSafari',
diff --git a/views/submissions_item.ejs b/views/submissions_item.ejs
index 66c11f8..f5fb1d4 100644
--- a/views/submissions_item.ejs
+++ b/views/submissions_item.ejs
@@ -10,13 +10,13 @@ function formatSize(x, precision) {
   return fixed + ' ' + unit;
 }
 
-const submissionUrl = <%- JSON.stringify(displayConfig.inContest ?
+const submissionUrl = <%- serializejs(displayConfig.inContest ?
   syzoj.utils.makeUrl(['contest', 'submission', '20000528']) :
   syzoj.utils.makeUrl(['submission', '20000528'])) %>;
-const problemUrl = <%- JSON.stringify(displayConfig.inContest ?
+const problemUrl = <%- serializejs(displayConfig.inContest ?
   syzoj.utils.makeUrl(['contest', contest.id, 'problem', '20000528']) :
   syzoj.utils.makeUrl(['problem', '20000528'])) %>;
-const userUrl = <%- JSON.stringify(syzoj.utils.makeUrl(['user', '20000528'])) %>;
+const userUrl = <%- serializejs(syzoj.utils.makeUrl(['user', '20000528'])) %>;
 
 Vue.component('submission-item', {
   template: '#submissionItemTemplate',