diff --git a/internal/auth/team_web.go b/internal/auth/team_web.go
index 3559a5f06..4679aaf91 100644
--- a/internal/auth/team_web.go
+++ b/internal/auth/team_web.go
@@ -26,7 +26,7 @@ func (h *webHandlers) addTeamHandlers(r *mux.Router) {
 func (h *webHandlers) newTeam(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -40,7 +40,7 @@ func (h *webHandlers) newTeam(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) createTeam(w http.ResponseWriter, r *http.Request) {
 	var opts CreateTeamOptions
 	if err := decode.All(&opts, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -51,7 +51,7 @@ func (h *webHandlers) createTeam(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -62,18 +62,18 @@ func (h *webHandlers) createTeam(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) getTeam(w http.ResponseWriter, r *http.Request) {
 	teamID, err := decode.Param("team_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	team, err := h.svc.GetTeamByID(r.Context(), teamID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	members, err := h.svc.ListTeamMembers(r.Context(), teamID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -82,14 +82,14 @@ func (h *webHandlers) getTeam(w http.ResponseWriter, r *http.Request) {
 	// retrieve the list.
 	subject, err := internal.SubjectFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	var users []*User
 	if subject.CanAccessSite(rbac.ListUsersAction) {
 		users, err = h.svc.ListUsers(r.Context())
 		if err != nil {
-			html.Error(w, err.Error(), http.StatusInternalServerError)
+			h.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 	}
@@ -119,13 +119,13 @@ func (h *webHandlers) updateTeam(w http.ResponseWriter, r *http.Request) {
 		UpdateTeamOptions
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	team, err := h.svc.UpdateTeam(r.Context(), params.TeamID, params.UpdateTeamOptions)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -136,13 +136,13 @@ func (h *webHandlers) updateTeam(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) listTeams(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	teams, err := h.svc.ListTeams(r.Context(), org)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -162,18 +162,18 @@ func (h *webHandlers) listTeams(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) deleteTeam(w http.ResponseWriter, r *http.Request) {
 	teamID, err := decode.Param("team_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	team, err := h.svc.GetTeamByID(r.Context(), teamID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	err = h.svc.DeleteTeam(r.Context(), teamID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -184,12 +184,12 @@ func (h *webHandlers) deleteTeam(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) addTeamMember(w http.ResponseWriter, r *http.Request) {
 	var params TeamMembershipOptions
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	if err := h.svc.AddTeamMembership(r.Context(), params); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -200,12 +200,12 @@ func (h *webHandlers) addTeamMember(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) removeTeamMember(w http.ResponseWriter, r *http.Request) {
 	var params TeamMembershipOptions
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	if err := h.svc.RemoveTeamMembership(r.Context(), params); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/auth/web.go b/internal/auth/web.go
index 9ce2a886f..faf66d6b6 100644
--- a/internal/auth/web.go
+++ b/internal/auth/web.go
@@ -33,13 +33,13 @@ func (h *webHandlers) addHandlers(r *mux.Router) {
 func (h *webHandlers) listOrganizationUsers(w http.ResponseWriter, r *http.Request) {
 	name, err := decode.Param("name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	users, err := h.svc.ListOrganizationUsers(r.Context(), name)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -55,7 +55,7 @@ func (h *webHandlers) listOrganizationUsers(w http.ResponseWriter, r *http.Reque
 func (h *webHandlers) profileHandler(w http.ResponseWriter, r *http.Request) {
 	user, err := internal.SubjectFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	h.Render("profile.tmpl", w, struct {
diff --git a/internal/authenticator/oauth_authenticator.go b/internal/authenticator/oauth_authenticator.go
index e5d7f5cc3..01ae3863f 100644
--- a/internal/authenticator/oauth_authenticator.go
+++ b/internal/authenticator/oauth_authenticator.go
@@ -34,7 +34,7 @@ func (a *oauthAuthenticator) ResponseHandler(w http.ResponseWriter, r *http.Requ
 
 	client, err := a.NewClient(r.Context(), token)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
@@ -44,7 +44,7 @@ func (a *oauthAuthenticator) ResponseHandler(w http.ResponseWriter, r *http.Requ
 	// Get cloud user
 	cuser, err := client.GetUser(ctx)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
@@ -52,7 +52,7 @@ func (a *oauthAuthenticator) ResponseHandler(w http.ResponseWriter, r *http.Requ
 		Username: &cuser.Name,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 }
diff --git a/internal/authenticator/oidc_authenticator.go b/internal/authenticator/oidc_authenticator.go
index 2dee72211..c2db57a54 100644
--- a/internal/authenticator/oidc_authenticator.go
+++ b/internal/authenticator/oidc_authenticator.go
@@ -88,28 +88,28 @@ func (o oidcAuthenticator) ResponseHandler(w http.ResponseWriter, r *http.Reques
 	// Extract the ID Token from OAuth2 token.
 	rawIDToken, ok := token.Extra("id_token").(string)
 	if !ok {
-		html.Error(w, "id_token missing", http.StatusInternalServerError)
+		html.Error(w, "id_token missing", http.StatusInternalServerError, false)
 		return
 	}
 
 	// Parse and verify ID Token payload.
 	idt, err := o.verifier.Verify(r.Context(), rawIDToken)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
 	// Extract custom claims
 	var claims oidcClaims
 	if err := idt.Claims(&claims); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
 	// Get claims user
 	user, err := o.getUserFromClaims(claims)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
@@ -117,7 +117,7 @@ func (o oidcAuthenticator) ResponseHandler(w http.ResponseWriter, r *http.Reques
 		Username: &user.Name,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 }
diff --git a/internal/http/html/error.go b/internal/http/html/error.go
index 64d733fc3..673f9db0b 100644
--- a/internal/http/html/error.go
+++ b/internal/http/html/error.go
@@ -12,6 +12,7 @@ const errorTemplateContent = `
   <meta charset="utf-8">
   <meta name="viewport" content="width=device-width, initial-scale=1">
   <title>error | otf</title>
+  {{ if .DevMode }}<script src="http://localhost:35729/livereload.js"></script>{{ end }}
   <style>
   pre {
   	margin: auto;
@@ -25,15 +26,21 @@ const errorTemplateContent = `
   </style>
 </head>
 <body>
-  <pre>{{ . }}</pre>
+  <pre>{{ .Error }}</pre>
 </body>
 </html>
 `
 
 var errorTemplate = template.Must(template.New("error").Parse(errorTemplateContent))
 
-func Error(w http.ResponseWriter, err string, code int) {
+func Error(w http.ResponseWriter, err string, code int, devMode bool) {
 	w.WriteHeader(code)
 
-	errorTemplate.Execute(w, err)
+	errorTemplate.Execute(w, struct {
+		Error   string
+		DevMode bool
+	}{
+		Error:   err,
+		DevMode: devMode,
+	})
 }
diff --git a/internal/http/html/renderer.go b/internal/http/html/renderer.go
index dfbdfe0e5..9e0ae23f9 100644
--- a/internal/http/html/renderer.go
+++ b/internal/http/html/renderer.go
@@ -30,17 +30,20 @@ type (
 		templateRenderer
 	}
 
-	renderer struct {
-		templateRenderer
-	}
-
 	// pageRenderer renders an html page using the named template.
 	pageRenderer interface {
 		Render(name string, w http.ResponseWriter, page any)
 	}
-	// renderer locates and renders a template.
+
+	// templateRenderer locates and renders a template (a lower-level
+	// alternative to pageRenderer for rendering partial content).
 	templateRenderer interface {
 		RenderTemplate(name string, w io.Writer, data any) error
+		Error(w http.ResponseWriter, err string, code int)
+	}
+
+	renderer struct {
+		templateRenderer
 	}
 )
 
@@ -66,7 +69,7 @@ func (r *renderer) Render(name string, w http.ResponseWriter, page any) {
 	// purge flash messages from cookie store prior to rendering template
 	purgeFlashes(w)
 	if err := r.RenderTemplate(name, w, page); err != nil {
-		Error(w, err.Error(), http.StatusInternalServerError)
+		r.Error(w, err.Error(), http.StatusInternalServerError)
 	}
 }
 
diff --git a/internal/http/html/renderer_dev.go b/internal/http/html/renderer_dev.go
index f41fb5869..a84303726 100644
--- a/internal/http/html/renderer_dev.go
+++ b/internal/http/html/renderer_dev.go
@@ -2,6 +2,7 @@ package html
 
 import (
 	"io"
+	"net/http"
 )
 
 // devRenderer reads templates from disk. Intended for development purposes.
@@ -17,3 +18,7 @@ func (r *devRenderer) RenderTemplate(name string, w io.Writer, data any) error {
 
 	return renderTemplateFromCache(cache, name, w, data)
 }
+
+func (r *devRenderer) Error(w http.ResponseWriter, err string, code int) {
+	Error(w, err, code, true)
+}
diff --git a/internal/http/html/renderer_embedded.go b/internal/http/html/renderer_embedded.go
index 1b0b7817d..15f8e1c69 100644
--- a/internal/http/html/renderer_embedded.go
+++ b/internal/http/html/renderer_embedded.go
@@ -3,6 +3,7 @@ package html
 import (
 	"html/template"
 	"io"
+	"net/http"
 )
 
 // embeddedRenderer renders templates embedded in the go bin. Uses cache for
@@ -29,3 +30,7 @@ func newEmbeddedRenderer() (*embeddedRenderer, error) {
 func (r *embeddedRenderer) RenderTemplate(name string, w io.Writer, data any) error {
 	return renderTemplateFromCache(r.cache, name, w, data)
 }
+
+func (r *embeddedRenderer) Error(w http.ResponseWriter, err string, code int) {
+	Error(w, err, code, false)
+}
diff --git a/internal/logs/web.go b/internal/logs/web.go
index 857f78589..16bdf0696 100644
--- a/internal/logs/web.go
+++ b/internal/logs/web.go
@@ -41,7 +41,7 @@ func (h *webHandlers) tailRun(w http.ResponseWriter, r *http.Request) {
 		Offset int `schema:"offset,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		html.Error(w, err.Error(), http.StatusUnprocessableEntity, false)
 		return
 	}
 
@@ -51,7 +51,7 @@ func (h *webHandlers) tailRun(w http.ResponseWriter, r *http.Request) {
 		Offset: params.Offset,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		html.Error(w, err.Error(), http.StatusInternalServerError, false)
 		return
 	}
 
diff --git a/internal/module/web.go b/internal/module/web.go
index 7bb279b5e..47e76f82d 100644
--- a/internal/module/web.go
+++ b/internal/module/web.go
@@ -48,13 +48,13 @@ func (h *webHandlers) addHandlers(r *mux.Router) {
 func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 	var opts ListModulesOptions
 	if err := decode.All(&opts, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	modules, err := h.svc.ListModules(r.Context(), opts)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -73,13 +73,13 @@ func (h *webHandlers) get(w http.ResponseWriter, r *http.Request) {
 		Version *string `schema:"version"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	module, err := h.svc.GetModuleByID(r.Context(), params.ID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -91,13 +91,13 @@ func (h *webHandlers) get(w http.ResponseWriter, r *http.Request) {
 	}
 	if modver == nil {
 		// TODO: set flash and render
-		html.Error(w, "no version found", http.StatusNotFound)
+		h.Error(w, "no version found", http.StatusNotFound)
 		return
 	}
 
 	modinfo, err := h.svc.GetModuleInfo(r.Context(), modver.ID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -129,7 +129,7 @@ func (h *webHandlers) new(w http.ResponseWriter, r *http.Request) {
 		Step newModuleStep `schema:"step"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -146,13 +146,13 @@ func (h *webHandlers) new(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) newModuleConnect(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	providers, err := h.ListVCSProviders(r.Context(), org)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -174,13 +174,13 @@ func (h *webHandlers) newModuleRepo(w http.ResponseWriter, r *http.Request) {
 		// TODO: filters, public/private, etc
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	client, err := h.GetVCSClient(r.Context(), params.VCSProviderID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -190,7 +190,7 @@ func (h *webHandlers) newModuleRepo(w http.ResponseWriter, r *http.Request) {
 		PageSize: internal.MaxPageSize,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	var filtered []string
@@ -199,7 +199,7 @@ func (h *webHandlers) newModuleRepo(w http.ResponseWriter, r *http.Request) {
 		if err == ErrInvalidModuleRepo {
 			continue // skip repo
 		} else if err != nil {
-			html.Error(w, err.Error(), http.StatusInternalServerError)
+			h.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 		filtered = append(filtered, res)
@@ -225,13 +225,13 @@ func (h *webHandlers) newModuleConfirm(w http.ResponseWriter, r *http.Request) {
 		Repo          string `schema:"identifier,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	vcsprov, err := h.GetVCSProvider(r.Context(), params.VCSProviderID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -254,7 +254,7 @@ func (h *webHandlers) publish(w http.ResponseWriter, r *http.Request) {
 		Repo          Repo   `schema:"identifier,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -263,10 +263,10 @@ func (h *webHandlers) publish(w http.ResponseWriter, r *http.Request) {
 		VCSProviderID: params.VCSProviderID,
 	})
 	if err != nil && errors.Is(err, internal.ErrInvalidRepo) || errors.Is(err, ErrInvalidModuleRepo) {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	} else if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -277,13 +277,13 @@ func (h *webHandlers) publish(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) delete(w http.ResponseWriter, r *http.Request) {
 	id, err := decode.Param("module_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	deleted, err := h.svc.DeleteModule(r.Context(), id)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/organization/web.go b/internal/organization/web.go
index f5a51d248..548817489 100644
--- a/internal/organization/web.go
+++ b/internal/organization/web.go
@@ -50,13 +50,13 @@ func (a *web) addHandlers(r *mux.Router) {
 func (a *web) list(w http.ResponseWriter, r *http.Request) {
 	var opts OrganizationListOptions
 	if err := decode.Query(&opts, r.URL.Query()); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	organizations, err := a.svc.ListOrganizations(r.Context(), opts)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -65,7 +65,7 @@ func (a *web) list(w http.ResponseWriter, r *http.Request) {
 	// (b) The user has site permissions.
 	subject, err := internal.SubjectFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	var canCreate bool
@@ -89,13 +89,13 @@ func (a *web) list(w http.ResponseWriter, r *http.Request) {
 func (a *web) get(w http.ResponseWriter, r *http.Request) {
 	name, err := decode.Param("name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	org, err := a.svc.GetOrganization(r.Context(), name)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -111,13 +111,13 @@ func (a *web) get(w http.ResponseWriter, r *http.Request) {
 func (a *web) edit(w http.ResponseWriter, r *http.Request) {
 	name, err := decode.Param("name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	org, err := a.svc.GetOrganization(r.Context(), name)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -140,7 +140,7 @@ func (a *web) update(w http.ResponseWriter, r *http.Request) {
 		UpdatedName string `schema:"new_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -148,7 +148,7 @@ func (a *web) update(w http.ResponseWriter, r *http.Request) {
 		Name: &params.UpdatedName,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -159,13 +159,13 @@ func (a *web) update(w http.ResponseWriter, r *http.Request) {
 func (a *web) delete(w http.ResponseWriter, r *http.Request) {
 	organization, err := decode.Param("name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err = a.svc.DeleteOrganization(r.Context(), organization)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/orgcreator/web.go b/internal/orgcreator/web.go
index 85d07d44a..955bbfa3e 100644
--- a/internal/orgcreator/web.go
+++ b/internal/orgcreator/web.go
@@ -31,7 +31,7 @@ func (a *web) new(w http.ResponseWriter, r *http.Request) {
 func (a *web) create(w http.ResponseWriter, r *http.Request) {
 	var opts OrganizationCreateOptions
 	if err := decode.Form(&opts, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		a.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -42,7 +42,7 @@ func (a *web) create(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		a.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/run/service.go b/internal/run/service.go
index 523b51ecf..da7e95c3d 100644
--- a/internal/run/service.go
+++ b/internal/run/service.go
@@ -126,10 +126,10 @@ func NewService(opts Options) *service {
 	}
 
 	svc.web = &webHandlers{
-		Logger:           opts.Logger,
 		Renderer:         opts.Renderer,
 		WorkspaceService: opts.WorkspaceService,
 		logsdb:           db,
+		logger:           opts.Logger,
 		svc:              &svc,
 		starter: &starter{
 			ConfigurationVersionService: opts.ConfigurationVersionService,
diff --git a/internal/run/web.go b/internal/run/web.go
index 822ef6f16..007e9dc7c 100644
--- a/internal/run/web.go
+++ b/internal/run/web.go
@@ -18,12 +18,12 @@ import (
 
 type (
 	webHandlers struct {
-		logr.Logger
 		html.Renderer
 		WorkspaceService
 
 		logsdb
 
+		logger  logr.Logger
 		starter runStarter
 		svc     Service
 	}
@@ -61,13 +61,13 @@ func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 		WorkspaceID string `schema:"workspace_id,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.GetWorkspace(r.Context(), params.WorkspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	runs, err := h.svc.ListRuns(r.Context(), RunListOptions{
@@ -75,7 +75,7 @@ func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 		WorkspaceID: &params.WorkspaceID,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -91,30 +91,30 @@ func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) get(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	run, err := h.svc.GetRun(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	ws, err := h.GetWorkspace(r.Context(), run.WorkspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	// Get existing logs thus far received for each phase.
 	planLogs, err := h.GetLogs(r.Context(), run.ID, internal.PlanPhase)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	applyLogs, err := h.GetLogs(r.Context(), run.ID, internal.ApplyPhase)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -136,36 +136,36 @@ func (h *webHandlers) get(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) getWidget(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	run, err := h.svc.GetRun(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	if err := h.RenderTemplate("run_item.tmpl", w, run); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 	}
 }
 
 func (h *webHandlers) delete(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	run, err := h.svc.GetRun(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	err = h.svc.Delete(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.Workspace(run.WorkspaceID), http.StatusFound)
@@ -174,18 +174,18 @@ func (h *webHandlers) delete(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) cancel(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	run, err := h.svc.GetRun(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	_, err = h.svc.Cancel(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -195,13 +195,13 @@ func (h *webHandlers) cancel(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) apply(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err = h.svc.Apply(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.Run(runID)+"#apply", http.StatusFound)
@@ -210,13 +210,13 @@ func (h *webHandlers) apply(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) discard(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err = h.svc.DiscardRun(r.Context(), runID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.Run(runID), http.StatusFound)
@@ -228,7 +228,7 @@ func (h *webHandlers) startRun(w http.ResponseWriter, r *http.Request) {
 		Strategy    runStrategy `schema:"strategy,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -245,7 +245,7 @@ func (h *webHandlers) startRun(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) retry(w http.ResponseWriter, r *http.Request) {
 	runID, err := decode.Param("run_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -266,7 +266,7 @@ func (h *webHandlers) watch(w http.ResponseWriter, r *http.Request) {
 		RunID       string `schema:"run_id"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -274,7 +274,7 @@ func (h *webHandlers) watch(w http.ResponseWriter, r *http.Request) {
 		WorkspaceID: internal.String(params.WorkspaceID),
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -319,27 +319,27 @@ func (h *webHandlers) watch(w http.ResponseWriter, r *http.Request) {
 			// render HTML snippets and send as payload in SSE event
 			itemHTML := new(bytes.Buffer)
 			if err := h.RenderTemplate("run_item.tmpl", itemHTML, run); err != nil {
-				h.Error(err, "rendering template for run item")
+				h.logger.Error(err, "rendering template for run item")
 				continue
 			}
 			runStatusHTML := new(bytes.Buffer)
 			if err := h.RenderTemplate("run_status.tmpl", runStatusHTML, run); err != nil {
-				h.Error(err, "rendering run status template")
+				h.logger.Error(err, "rendering run status template")
 				continue
 			}
 			planStatusHTML := new(bytes.Buffer)
 			if err := h.RenderTemplate("phase_status.tmpl", planStatusHTML, run.Plan); err != nil {
-				h.Error(err, "rendering plan status template")
+				h.logger.Error(err, "rendering plan status template")
 				continue
 			}
 			applyStatusHTML := new(bytes.Buffer)
 			if err := h.RenderTemplate("phase_status.tmpl", applyStatusHTML, run.Apply); err != nil {
-				h.Error(err, "rendering apply status template")
+				h.logger.Error(err, "rendering apply status template")
 				continue
 			}
 			runActionsHTML := new(bytes.Buffer)
 			if err := h.RenderTemplate("run_actions.tmpl", runActionsHTML, run); err != nil {
-				h.Error(err, "rendering run actions template")
+				h.logger.Error(err, "rendering run actions template")
 				continue
 			}
 			js, err := json.Marshal(struct {
@@ -360,7 +360,7 @@ func (h *webHandlers) watch(w http.ResponseWriter, r *http.Request) {
 				RunActionsHTML:  runActionsHTML.String(),
 			})
 			if err != nil {
-				h.Error(err, "marshalling watched run", "run", run.ID)
+				h.logger.Error(err, "marshalling watched run", "run", run.ID)
 				continue
 			}
 			pubsub.WriteSSEEvent(w, js, event.Type, false)
diff --git a/internal/tokens/web.go b/internal/tokens/web.go
index 0343f2dae..c49d047bc 100644
--- a/internal/tokens/web.go
+++ b/internal/tokens/web.go
@@ -59,17 +59,17 @@ func (h *webHandlers) newUserToken(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) createUserToken(w http.ResponseWriter, r *http.Request) {
 	var opts CreateUserTokenOptions
 	if err := decode.Form(&opts, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 	_, token, err := h.svc.CreateUserToken(r.Context(), opts)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	if err := h.tokenFlashMessage(w, token); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.Tokens(), http.StatusFound)
@@ -78,7 +78,7 @@ func (h *webHandlers) createUserToken(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) userTokens(w http.ResponseWriter, r *http.Request) {
 	tokens, err := h.svc.ListUserTokens(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -103,11 +103,11 @@ func (h *webHandlers) userTokens(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) deleteUserToken(w http.ResponseWriter, r *http.Request) {
 	id := r.FormValue("id")
 	if id == "" {
-		html.Error(w, "missing id", http.StatusUnprocessableEntity)
+		h.Error(w, "missing id", http.StatusUnprocessableEntity)
 		return
 	}
 	if err := h.svc.DeleteUserToken(r.Context(), id); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "Deleted token")
@@ -122,7 +122,7 @@ func (h *webHandlers) deleteUserToken(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) adminLogin(w http.ResponseWriter, r *http.Request) {
 	token, err := decode.Param("token", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -136,7 +136,7 @@ func (h *webHandlers) adminLogin(w http.ResponseWriter, r *http.Request) {
 		Username: internal.String(auth.SiteAdminUsername),
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 }
@@ -148,7 +148,7 @@ func (h *webHandlers) adminLogin(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) newAgentToken(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -162,18 +162,18 @@ func (h *webHandlers) newAgentToken(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) createAgentToken(w http.ResponseWriter, r *http.Request) {
 	var opts CreateAgentTokenOptions
 	if err := decode.All(&opts, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	token, err := h.svc.CreateAgentToken(r.Context(), opts)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	if err := h.tokenFlashMessage(w, token); err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.AgentTokens(opts.Organization), http.StatusFound)
@@ -182,13 +182,13 @@ func (h *webHandlers) createAgentToken(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) listAgentTokens(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	tokens, err := h.svc.ListAgentTokens(r.Context(), org)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -208,13 +208,13 @@ func (h *webHandlers) listAgentTokens(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) deleteAgentToken(w http.ResponseWriter, r *http.Request) {
 	id, err := decode.Param("agent_token_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	at, err := h.svc.DeleteAgentToken(r.Context(), id)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/variable/web.go b/internal/variable/web.go
index 059b83caa..91b8305da 100644
--- a/internal/variable/web.go
+++ b/internal/variable/web.go
@@ -33,23 +33,23 @@ func (h *web) addHandlers(r *mux.Router) {
 func (h *web) new(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.GetWorkspace(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	policy, err := h.GetPolicy(r.Context(), ws.ID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	subject, err := internal.SubjectFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -79,7 +79,7 @@ func (h *web) create(w http.ResponseWriter, r *http.Request) {
 		WorkspaceID string `schema:"workspace_id,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -92,7 +92,7 @@ func (h *web) create(w http.ResponseWriter, r *http.Request) {
 		HCL:         &params.HCL,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -103,23 +103,23 @@ func (h *web) create(w http.ResponseWriter, r *http.Request) {
 func (h *web) list(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	variables, err := h.svc.ListVariables(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	ws, err := h.GetWorkspace(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	policy, err := h.GetPolicy(r.Context(), ws.ID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -141,28 +141,28 @@ func (h *web) list(w http.ResponseWriter, r *http.Request) {
 func (h *web) edit(w http.ResponseWriter, r *http.Request) {
 	variableID, err := decode.Param("variable_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	variable, err := h.svc.GetVariable(r.Context(), variableID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	ws, err := h.GetWorkspace(r.Context(), variable.WorkspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	policy, err := h.GetPolicy(r.Context(), ws.ID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	subject, err := internal.SubjectFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -184,13 +184,13 @@ func (h *web) edit(w http.ResponseWriter, r *http.Request) {
 func (h *web) update(w http.ResponseWriter, r *http.Request) {
 	variableID, err := decode.Param("variable_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	variable, err := h.svc.GetVariable(r.Context(), variableID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -209,7 +209,7 @@ func (h *web) update(w http.ResponseWriter, r *http.Request) {
 		HCL         *bool // form checkbox can only be true/false, not nil
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -222,7 +222,7 @@ func (h *web) update(w http.ResponseWriter, r *http.Request) {
 		HCL:         params.HCL,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -233,7 +233,7 @@ func (h *web) update(w http.ResponseWriter, r *http.Request) {
 func (h *web) updateSensitive(w http.ResponseWriter, r *http.Request, variable *Variable) {
 	value, err := decode.Param("value", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -241,7 +241,7 @@ func (h *web) updateSensitive(w http.ResponseWriter, r *http.Request, variable *
 		Value: internal.String(value),
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -252,13 +252,13 @@ func (h *web) updateSensitive(w http.ResponseWriter, r *http.Request, variable *
 func (h *web) delete(w http.ResponseWriter, r *http.Request) {
 	variableID, err := decode.Param("variable_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	variable, err := h.svc.DeleteVariable(r.Context(), variableID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/vcsprovider/web.go b/internal/vcsprovider/web.go
index c09827618..29dee5f0d 100644
--- a/internal/vcsprovider/web.go
+++ b/internal/vcsprovider/web.go
@@ -34,7 +34,7 @@ func (h *webHandlers) new(w http.ResponseWriter, r *http.Request) {
 		Cloud        string `schema:"cloud,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -56,7 +56,7 @@ func (h *webHandlers) create(w http.ResponseWriter, r *http.Request) {
 		Cloud            string `schema:"cloud,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -67,7 +67,7 @@ func (h *webHandlers) create(w http.ResponseWriter, r *http.Request) {
 		Cloud:        params.Cloud,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "created provider: "+provider.Name)
@@ -77,13 +77,13 @@ func (h *webHandlers) create(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	providers, err := h.svc.ListVCSProviders(r.Context(), org)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -101,13 +101,13 @@ func (h *webHandlers) list(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) delete(w http.ResponseWriter, r *http.Request) {
 	id, err := decode.Param("vcs_provider_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	provider, err := h.svc.DeleteVCSProvider(r.Context(), id)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "deleted provider: "+provider.Name)
diff --git a/internal/workspace/tags_web.go b/internal/workspace/tags_web.go
index a7ff2d8f4..be375f1ce 100644
--- a/internal/workspace/tags_web.go
+++ b/internal/workspace/tags_web.go
@@ -22,13 +22,13 @@ func (h *webHandlers) createTag(w http.ResponseWriter, r *http.Request) {
 		TagName     *string `schema:"tag_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err := h.svc.AddTags(r.Context(), *params.WorkspaceID, []TagSpec{{Name: *params.TagName}})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -42,13 +42,13 @@ func (h *webHandlers) deleteTag(w http.ResponseWriter, r *http.Request) {
 		TagName     *string `schema:"tag_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err := h.svc.RemoveTags(r.Context(), *params.WorkspaceID, []TagSpec{{Name: *params.TagName}})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
diff --git a/internal/workspace/web.go b/internal/workspace/web.go
index 0b3566710..cde791318 100644
--- a/internal/workspace/web.go
+++ b/internal/workspace/web.go
@@ -66,13 +66,13 @@ func (h *webHandlers) addHandlers(r *mux.Router) {
 func (h *webHandlers) listWorkspaces(w http.ResponseWriter, r *http.Request) {
 	var params ListOptions
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	workspaces, err := h.svc.ListWorkspaces(r.Context(), params)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -80,7 +80,7 @@ func (h *webHandlers) listWorkspaces(w http.ResponseWriter, r *http.Request) {
 	// listing is currently filtered by the tag or not.
 	tags, err := h.svc.listAllTags(r.Context(), *params.Organization)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	tagfilters := func() map[string]bool {
@@ -113,7 +113,7 @@ func (h *webHandlers) listWorkspaces(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) newWorkspace(w http.ResponseWriter, r *http.Request) {
 	org, err := decode.Param("organization_name", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -130,7 +130,7 @@ func (h *webHandlers) createWorkspace(w http.ResponseWriter, r *http.Request) {
 		Organization *string `schema:"organization_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -144,7 +144,7 @@ func (h *webHandlers) createWorkspace(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "created workspace: "+ws.Name)
@@ -154,23 +154,23 @@ func (h *webHandlers) createWorkspace(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) getWorkspace(w http.ResponseWriter, r *http.Request) {
 	id, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.GetWorkspace(r.Context(), id)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	policy, err := h.svc.GetPolicy(r.Context(), id)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	user, err := auth.UserFromContext(r.Context())
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -178,7 +178,7 @@ func (h *webHandlers) getWorkspace(w http.ResponseWriter, r *http.Request) {
 	if ws.Connection != nil {
 		provider, err = h.GetVCSProvider(r.Context(), ws.Connection.VCSProviderID)
 		if err != nil {
-			html.Error(w, err.Error(), http.StatusInternalServerError)
+			h.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 	}
@@ -202,13 +202,13 @@ func (h *webHandlers) getWorkspaceByName(w http.ResponseWriter, r *http.Request)
 		Organization string `schema:"organization_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.GetWorkspaceByName(r.Context(), params.Organization, params.Name)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -218,26 +218,26 @@ func (h *webHandlers) getWorkspaceByName(w http.ResponseWriter, r *http.Request)
 func (h *webHandlers) editWorkspace(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	workspace, err := h.svc.GetWorkspace(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	policy, err := h.svc.GetPolicy(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	// Get teams that have yet to be assigned a permission
 	teams, err := h.ListTeams(r.Context(), workspace.Organization)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -245,14 +245,14 @@ func (h *webHandlers) editWorkspace(w http.ResponseWriter, r *http.Request) {
 	if workspace.Connection != nil {
 		provider, err = h.GetVCSProvider(r.Context(), workspace.Connection.VCSProviderID)
 		if err != nil {
-			html.Error(w, err.Error(), http.StatusInternalServerError)
+			h.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 	}
 
 	tags, err := h.svc.listAllTags(r.Context(), workspace.Organization)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	getTagNames := func() (names []string) {
@@ -309,7 +309,7 @@ func (h *webHandlers) updateWorkspace(w http.ResponseWriter, r *http.Request) {
 		WorkspaceID      string         `schema:"workspace_id,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -323,7 +323,7 @@ func (h *webHandlers) updateWorkspace(w http.ResponseWriter, r *http.Request) {
 		WorkingDirectory: params.WorkingDirectory,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -335,13 +335,13 @@ func (h *webHandlers) updateWorkspace(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) deleteWorkspace(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.DeleteWorkspace(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "deleted workspace: "+ws.Name)
@@ -351,13 +351,13 @@ func (h *webHandlers) deleteWorkspace(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) lockWorkspace(w http.ResponseWriter, r *http.Request) {
 	id, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.LockWorkspace(r.Context(), id, nil)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	http.Redirect(w, r, paths.Workspace(ws.ID), http.StatusFound)
@@ -366,13 +366,13 @@ func (h *webHandlers) lockWorkspace(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) unlockWorkspace(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.UnlockWorkspace(r.Context(), workspaceID, nil, false)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -382,13 +382,13 @@ func (h *webHandlers) unlockWorkspace(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) forceUnlockWorkspace(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.UnlockWorkspace(r.Context(), workspaceID, nil, true)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -398,18 +398,18 @@ func (h *webHandlers) forceUnlockWorkspace(w http.ResponseWriter, r *http.Reques
 func (h *webHandlers) listWorkspaceVCSProviders(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.GetWorkspace(r.Context(), workspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	providers, err := h.ListVCSProviders(r.Context(), ws.Organization)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -430,25 +430,25 @@ func (h *webHandlers) listWorkspaceVCSRepos(w http.ResponseWriter, r *http.Reque
 		// TODO: filters, public/private, etc
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	ws, err := h.svc.GetWorkspace(r.Context(), params.WorkspaceID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	client, err := h.GetVCSClient(r.Context(), params.VCSProviderID)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	repos, err := client.ListRepositories(r.Context(), cloud.ListRepositoriesOptions{
 		PageSize: 100,
 	})
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -469,13 +469,13 @@ func (h *webHandlers) connect(w http.ResponseWriter, r *http.Request) {
 		ConnectOptions
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	_, err := h.svc.connect(r.Context(), params.WorkspaceID, params.ConnectOptions)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -486,7 +486,7 @@ func (h *webHandlers) connect(w http.ResponseWriter, r *http.Request) {
 func (h *webHandlers) disconnect(w http.ResponseWriter, r *http.Request) {
 	workspaceID, err := decode.Param("workspace_id", r)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
@@ -495,7 +495,7 @@ func (h *webHandlers) disconnect(w http.ResponseWriter, r *http.Request) {
 	if errors.Is(err, internal.ErrWarning) {
 		stack.Push(html.FlashWarningType, err.Error())
 	} else if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
@@ -512,18 +512,18 @@ func (h *webHandlers) setWorkspacePermission(w http.ResponseWriter, r *http.Requ
 		Role        string `schema:"role,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 	role, err := rbac.WorkspaceRoleFromString(params.Role)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 
 	err = h.svc.SetPermission(r.Context(), params.WorkspaceID, params.TeamName, role)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "updated workspace permissions")
@@ -536,13 +536,13 @@ func (h *webHandlers) unsetWorkspacePermission(w http.ResponseWriter, r *http.Re
 		TeamName    string `schema:"team_name,required"`
 	}
 	if err := decode.All(&params, r); err != nil {
-		html.Error(w, err.Error(), http.StatusUnprocessableEntity)
+		h.Error(w, err.Error(), http.StatusUnprocessableEntity)
 		return
 	}
 
 	err := h.svc.UnsetPermission(r.Context(), params.WorkspaceID, params.TeamName)
 	if err != nil {
-		html.Error(w, err.Error(), http.StatusInternalServerError)
+		h.Error(w, err.Error(), http.StatusInternalServerError)
 		return
 	}
 	html.FlashSuccess(w, "deleted workspace permission")