diff --git a/core/includes/common.inc b/core/includes/common.inc
index 4080803..4f78b7f 100644
--- a/core/includes/common.inc
+++ b/core/includes/common.inc
@@ -1273,7 +1273,8 @@ function drupal_strip_dangerous_protocols($uri) {
   static $allowed_protocols;
 
   if (!isset($allowed_protocols)) {
-    $allowed_protocols = array_flip(config('filter.settings')->get('allowed_protocols'));
+    $protocols = array_flip(array('ftp', 'http', 'https', 'irc', 'mailto', 'news', 'nntp', 'rtsp', 'sftp', 'ssh', 'tel', 'telnet', 'webcal'));
+    $allowed_protocols = config('filter.settings')->get('allowed_protocols') ?: $protocols;
   }
 
   // Iteratively remove any invalid protocol found.
diff --git a/core/modules/filter/filter.module b/core/modules/filter/filter.module
index 90012d3..0e921b3 100644
--- a/core/modules/filter/filter.module
+++ b/core/modules/filter/filter.module
@@ -1458,7 +1458,8 @@ function _filter_url($text, $filter) {
   // we cannot cleanly differ between protocols here without hard-coding MAILTO,
   // so '//' is optional for all protocols.
   // @see filter_xss_bad_protocol()
-  $protocols = config('filter.settings')->get('allowed_protocols');
+  $protocol_list = array('http', 'https', 'ftp', 'news', 'nntp', 'telnet', 'mailto', 'irc', 'ssh', 'sftp', 'webcal', 'rtsp');
+  $protocols = config('filter.settings')->get('allowed_protocols') ? array_flip(config('filter.settings')->get('allowed_protocols')) : $protocol_list;
   $protocols = implode(':(?://)?|', $protocols) . ':(?://)?';
 
   // Prepare domain name pattern.