diff --git a/config/xss-config.py b/config/xss-config.py
new file mode 100644
index 0000000..d9ff5d9
--- /dev/null
+++ b/config/xss-config.py
@@ -0,0 +1,19 @@
+# Reason why this is a .py file is because json sucks at some config stuff
+# Ran via exec in its own little globals environment
+# The dictionary "config" is passed through to the final script.
+
+from html_sanitizer import sanitizer
+from html_sanitizer import *
+import copy
+
+config = dict(sanitizer.DEFAULT_SETTINGS)
+
+# Add your changes
+config['tags'].add('img')
+config['empty'].add('img')
+config['attributes'].update({'img': ('src', )})
+config['tags'].add('audio')
+config['empty'].add('audio')
+config['attributes'].update({'audio': ('src', 'controls')})
+
+print("Done with XSS config")
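Review bot: `config = dict(sanitizer.DEFAULT_SETTINGS)` is only a shallow copy, so the following `config['tags'].add(...)`, `config['empty'].add(...)` and `config['attributes'].update(...)` calls mutate the set and dict objects owned by `html_sanitizer.sanitizer.DEFAULT_SETTINGS` itself, silently widening the allow-list for every other Sanitizer built from the defaults in the same process. The unused `import copy` suggests the intended line was `config = copy.deepcopy(sanitizer.DEFAULT_SETTINGS)`, which keeps the customisation local to this config. Separately, `src` is now an allowed attribute on `img` and `audio` while nothing in this file constrains its URL scheme; I would confirm whether the library's href sanitization also covers `src` and, if it does not, document that a `src` scheme check is applied downstream, e.g. `# NOTE: src is allowed here; scheme validation must happen in the consumer`. `from html_sanitizer import *` is unused and can be dropped.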