diff --git a/Text/HTML/SanitizeXSS.hs b/Text/HTML/SanitizeXSS.hs
index e2599b2..f283277 100644
--- a/Text/HTML/SanitizeXSS.hs
+++ b/Text/HTML/SanitizeXSS.hs
@@ -128,7 +128,7 @@ sanitaryAttributes = fromList (allowed_html_uri_attributes ++ acceptable_attribu
 \\ (fromList svg_attr_val_allows_ref) -- extra unescaping not implemented
 
 allowed_html_uri_attributes :: [Text]
-allowed_html_uri_attributes = ["href", "src", "cite", "action", "longdesc"]
+allowed_html_uri_attributes = ["href", "src", "srcset", "cite", "action", "longdesc"]
 
 uri_attributes :: Set Text
 uri_attributes = fromList $ allowed_html_uri_attributes ++ ["xlink:href", "xml:base"]
diff --git a/test/main.hs b/test/main.hs
index 40b9af5..b82562c 100644
--- a/test/main.hs
+++ b/test/main.hs
@@ -23,6 +23,12 @@ main = hspec $ do
 test sanitizeBalance testHTML " safeanchor
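Review bot: Adding `"srcset"` to allowed_html_uri_attributes routes it through the same per-attribute URI check as `href`/`src` (it flows into uri_attributes two lines below), but a srcset value is not a single URI — it is a comma-separated list of `URL [descriptor]` candidates such as `a.png 1x, b.png 2x`. If the check parses the whole value as one URI reference, every multi-candidate srcset is rejected; if it is lenient about what follows the first token, only the leading candidate's scheme is vetted and a later candidate with a disallowed scheme can survive — the attribute-checking code is outside this hunk, so which of the two applies cannot be confirmed from here. The safer shape is to split the value on commas, take each candidate's first whitespace-delimited token, run the existing URI check on every token and keep the attribute only when all candidates pass. A comment next to the list would make the expectation explicit: `-- srcset is a comma-separated candidate list ("url descriptor, ..."), not one URI; each candidate's URL must be checked`.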
Unbalanced
" sanitized testHTML " safeanchor
Unbalanced" + it "srcset" $ do + let allowed = "" + sanitized allowed allowed + let bad = "" + sanitized bad "" + it "relativeURI" $ do let testRelativeURI = "bar" sanitized testRelativeURI testRelativeURI
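Review bot: The new `"srcset"` test has one accepted and one rejected value, but neither visibly exercises a list with several candidates, so it would pass even if the sanitizer inspected only the first candidate and let a later one through. A case mixing a safe candidate with a disallowed scheme, e.g. a constructed `let mixed = "<img srcset=\"a.png 1x, javascript:void(0) 2x\">"` followed by `sanitized mixed "<img>"` (or whatever the intended per-candidate policy yields), would pin that behaviour. The `allowed` and `bad` literals show as empty strings in this view, so their exact contents cannot be assessed here; the enclosing `main`/`describe` block starts outside the hunk.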