diff --git a/print.pages.inc b/print.pages.inc
index acf3973d2b7cfb98c16967a74f84c098cdcd1957..691be7d717a19740c86e0100f339601213366180 100644
--- a/print.pages.inc
+++ b/print.pages.inc
@@ -475,7 +475,7 @@ function _print_rewrite_urls($matches) {
 }
 // Because base href is the original page, change the link to
 // still be usable inside the print page
- $matches[1] = str_replace($url, base_path() . $_GET['q'] . $url, $matches[1]);
+ $matches[1] = str_replace($url, check_plain(base_path() . $_GET['q'] . $url), $matches[1]);
 }
 else {
 // URL is relative, convert it into absolute URL
@@ -504,7 +504,7 @@ function _print_rewrite_urls($matches) {
 }
 }
- return $ret;
+ return filter_xss_admin($ret);
 }
 /**
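Review bot: In the first hunk the added `check_plain()` wraps `$url` as well as the new prefix, although `$url` is matched verbatim inside `$matches[1]` and is therefore already in whatever encoding the tag uses; an existing `&amp;` in it would come back double-encoded. Only the request-derived part is new to the attribute, so the escape can be limited to it: `$matches[1] = str_replace($url, check_plain(base_path() . $_GET['q']) . $url, $matches[1]);`. A one-line comment that `$_GET['q']` is caller-controlled and lands inside an attribute value would record why the escape is there. How `$url` is derived sits above the hunk, so confirm that before narrowing the call.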
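Review bot: The `return filter_xss_admin($ret);` line in the second hunk carries no comment saying what it guards against, and it filters the whole rebuilt tag rather than the request-derived piece. `filter_xss_admin()` also removes `style` and `on*` attributes and any tag outside its allow-list, so print pages may lose markup unrelated to URL rewriting; how much depends on how `$ret` is assembled, which is outside the hunk. If `$ret` is built from `$matches[1]`, as it appears, a comment above the return such as `// Filter the rebuilt tag: part of it is derived from $_GET['q'] and must not be able to introduce script.` would make the intent clear. The side effect on inline `style` attributes is worth a line in the commit message.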