diff --git a/js/id/ui/entity_editor.js b/js/id/ui/entity_editor.js
index e6d4509c2..045d04fc8 100644
--- a/js/id/ui/entity_editor.js
+++ b/js/id/ui/entity_editor.js
@@ -140,9 +140,27 @@ iD.ui.EntityEditor = function(context) {
             });
         }
         function cleanVal(k, v) {
-            return v.split(';')
+            var cleaned = v.split(';')
                 .map(function(s) { return s.trim(); })
                 .join(isOpeningHours(k) ? '; ' : ';');
+
+            // The code below is not intended to validate websites and emails.
+            // It is only intended to prevent obvious copy-paste errors. (#2323)
+
+            // clean website-like tags
+            if (k.indexOf('website') !== -1 || cleaned.indexOf('http') !== -1) {
+                cleaned = cleaned
+                    .replace(/[\u200B-\u200F\uFEFF]/g, '')  // strip LRM and other zero width chars
+                    .replace(/[^\w\+\-\.\/\?\[\]\(\)~!@#$%&*',:;=]/g, encodeURIComponent);
+
+            // clean email-like tags
+            } else if (k.indexOf('email') !== -1) {
+                cleaned = cleaned
+                    .replace(/[\u200B-\u200F\uFEFF]/g, '')  // strip LRM and other zero width chars
+                    .replace(/[^\w\+\-\.\/\?\|~!@#$%^&*'`{};=]/g, '');  // note: ';' allowed as OSM delimiter
+            }
+
+            return cleaned;
         }
 
         var out = {}, k, v;