diff --git a/readme.md b/readme.md
index 7f26efc7..981dcd1d 100644
--- a/readme.md
+++ b/readme.md
@@ -285,7 +285,7 @@ The following bash scripts are useful when working on this project: The typical security aspect discussed for markdown is [cross-site scripting (XSS)][xss] attacks. Markdown itself is safe if it does not include embedded HTML or dangerous -protocols in links/images (such as `javascript:` or `data:`). +protocols in links/images (such as `javascript:`). `markdown-rs` makes any markdown safe by default, even if HTML is embedded or dangerous protocols are used, as it encodes or drops them. Turning on the `allow_dangerous_html` or `allow_dangerous_protocol` options for
diff --git a/src/configuration.rs b/src/configuration.rs
index 083f8dba..ece2c17e 100644
--- a/src/configuration.rs
+++ b/src/configuration.rs
@@ -518,9 +518,9 @@ pub struct CompileOptions {
 ///
 /// URLs that have no protocol (which means it’s relative to the current
 /// page, such as `./some/page.html`) and URLs that have a safe protocol
- /// (for images: `http`, `https`; for links: `http`, `https`, `irc`,
+ /// (for images: `http`, `https`, `data`; for links: `http`, `https`, `irc`,
 /// `ircs`, `mailto`, `xmpp`), are safe.
- /// All other URLs are dangerous and dropped.
+ /// All other URLs are considered dangerous by this library and dropped.
 ///
 /// ## Examples
 ///
diff --git a/src/util/constant.rs b/src/util/constant.rs
index cf27f53e..7ec8df5f 100644
--- a/src/util/constant.rs
+++ b/src/util/constant.rs
@@ -274,7 +274,7 @@ pub const SAFE_PROTOCOL_HREF: [&str; 6] = ["http", "https", "irc", "ircs", "mail
 /// List of protocols allowed, when operating safely, as `src` on `img`.
 ///
 /// This list is based on what is allowed by GitHub.
-pub const SAFE_PROTOCOL_SRC: [&str; 2] = ["http", "https"];
+pub const SAFE_PROTOCOL_SRC: [&str; 3] = ["http", "https", "data"];
 
 /// The number of characters that form a tab stop.
 ///
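Review bot: The doc line now lists `data` among the safe image protocols but says nothing about what is actually checked, so a reader will assume only image payloads get through; as far as the `SAFE_PROTOCOL_SRC` change in this same diff shows, the match is on the protocol name alone, so a `data:text/html,…` source would be accepted on `<img>` too. I would add one sentence after the list, e.g. `/// Note that \`data\` is accepted for images regardless of the media type it carries.`, or narrow the wording to what is enforced. The `CompileOptions` struct starts outside the hunk.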
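Review bot: Adding `data` to `SAFE_PROTOCOL_SRC` admits every data: URI as an `<img>` source whatever media type it carries, so `data:text/html,…` or `data:application/…` sources pass as well; a browser will not execute those inside an image element, but the payload is then emitted verbatim and any downstream consumer that lifts `src` values into another context (a link, an iframe, a fetch) loses the protection this list is meant to provide. If the intent is inline images only, restrict the match to a `data:image/` prefix in the helper that consults this constant (outside the hunk) and pin it with a negative test; otherwise record the decision here, e.g. `/// \`data\` is allowed for inline images; the media type is not restricted.` Whether the comparison is case-insensitive, so that `DATA:` is treated like `data:`, also cannot be confirmed from this hunk. The preceding comment still states that the list mirrors GitHub's allowlist; since that is the stated rationale for the list, it is worth re-verifying for `data` or rewording the comment.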
diff --git a/tests/misc_dangerous_protocol.rs b/tests/misc_dangerous_protocol.rs
index c0550547..21de63ca 100644
--- a/tests/misc_dangerous_protocol.rs
+++ b/tests/misc_dangerous_protocol.rs
@@ -113,6 +113,12 @@ fn dangerous_protocol_image() {
 "

\"\"

",
 "should allow a colon in a path"
 );
+
+ assert_eq!(
+ to_html("![](data:image/png;base64,abc)"),
+ "

\"\"

",
+ "should allow data URIs"
+ );
 }
 
 #[test]
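Review bot: The new assertion covers only the positive case, so nothing pins the two boundaries this change creates: that `data:` is still dropped on links (the `href` list was not touched) and what happens to a non-image data URI on an image such as `![](data:text/html,x)`. Add a link case with the same emptied-`href` output the existing dangerous-protocol link assertions in this file expect, and an explicit image case so the accepted (or rejected) behaviour for non-`image/` media types is documented by a test rather than implied. A mixed-case `![](DATA:image/png;base64,abc)` case would also confirm the match is case-insensitive, which this hunk does not show. `dangerous_protocol_image` starts before the hunk.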