diff --git a/library/HTMLPurifier/URIScheme.php b/library/HTMLPurifier/URIScheme.php
index f4c1baa6..c6c12f53 100644
--- a/library/HTMLPurifier/URIScheme.php
+++ b/library/HTMLPurifier/URIScheme.php
@@ -4,7 +4,7 @@ class HTMLPurifier_URIScheme
 {
     
     function validateComponents($authority, $path, $query, $fragment) {
-        
+        return array($authority, $path, $query, $fragment);
     }
     
 }
diff --git a/library/HTMLPurifier/URISchemeRegistry.php b/library/HTMLPurifier/URISchemeRegistry.php
index f925d009..86c75fa4 100644
--- a/library/HTMLPurifier/URISchemeRegistry.php
+++ b/library/HTMLPurifier/URISchemeRegistry.php
@@ -16,6 +16,14 @@ HTMLPurifier_ConfigDef::define(
     'prevents XSS attacks from using pseudo-schemes like javascript or mocha.'
 );
 
+HTMLPurifier_ConfigDef::define(
+    'URI', 'OverrideAllowedSchemes', true,
+    'If this is set to true (which it is by default), you can override '.
+    '%URI.AllowedSchemes by simply registering a HTMLPurifier_URIScheme '.
+    'to the registry.  If false, you will also have to update that directive '.
+    'in order to add more schemes.'
+);
+
 class HTMLPurifier_URISchemeRegistry
 {
     
@@ -38,11 +46,18 @@ class HTMLPurifier_URISchemeRegistry
     function &getScheme($scheme, $config = null) {
         if (!$config) $config = HTMLPurifier_Config::createDefault();
         $null = null; // for the sake of passing by reference
-        if (isset($this->schemes[$scheme])) return $this->schemes[$scheme];
-        if (empty($this->_dir)) $this->_dir = dirname(__FILE__) . '/URIScheme/';
         
         // important, otherwise attacker could include arbitrary file
         $allowed_schemes = $config->get('URI', 'AllowedSchemes');
+        if (!$config->get('URI', 'OverrideAllowedSchemes') &&
+            !isset($allowed_schemes[$scheme])
+        ) {
+            return $null;
+        }
+        
+        if (isset($this->schemes[$scheme])) return $this->schemes[$scheme];
+        if (empty($this->_dir)) $this->_dir = dirname(__FILE__) . '/URIScheme/';
+        
         if (!isset($allowed_schemes[$scheme])) return $null;
         
         @include_once $this->_dir . $scheme . '.php';
diff --git a/tests/HTMLPurifier/URISchemeRegistryTest.php b/tests/HTMLPurifier/URISchemeRegistryTest.php
index b736fd30..7c610780 100644
--- a/tests/HTMLPurifier/URISchemeRegistryTest.php
+++ b/tests/HTMLPurifier/URISchemeRegistryTest.php
@@ -11,6 +11,7 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
         
         $config = HTMLPurifier_Config::createDefault();
         $config->set('URI', 'AllowedSchemes', array('http' => true, 'telnet' => true));
+        $config->set('URI', 'OverrideAllowedSchemes', true);
         
         $registry = new HTMLPurifier_URISchemeRegistry();
         $this->assertIsA($registry->getScheme('http'), 'HTMLPurifier_URIScheme_http');
@@ -31,7 +32,11 @@ class HTMLPurifier_URISchemeRegistryTest extends UnitTestCase
         $registry->register('foobar', $scheme_foobar);
         $this->assertIdentical($registry->getScheme('foobar', $config), $scheme_foobar);
         
-        // however, don't try to get a scheme that isn't allowed
+        // now, test when overriding is not allowed
+        $config->set('URI', 'OverrideAllowedSchemes', false);
+        $this->assertNull($registry->getScheme('foobar', $config));
+        
+        // scheme not allowed and never registered
         $this->assertNull($registry->getScheme('ftp', $config));
         
     }