diff --git a/wp-admin/includes/user.php b/wp-admin/includes/user.php
index ff1e91dceb..3c93a69a23 100644
--- a/wp-admin/includes/user.php
+++ b/wp-admin/includes/user.php
@@ -69,7 +69,8 @@ function edit_user( $user_id = 0 ) {
 			$user->user_url = '';
 		} else {
 			$user->user_url = esc_url_raw( $_POST['url'] );
-			$user->user_url = preg_match('/^(https?|ftps?|mailto|news|irc|gopher|nntp|feed|telnet):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
+			$protocols = implode( '|', array_map( 'preg_quote', wp_allowed_protocols() ) );
+			$user->user_url = preg_match('/^(' . $protocols . '):/is', $user->user_url) ? $user->user_url : 'http://'.$user->user_url;
 		}
 	}
 	if ( isset( $_POST['first_name'] ) )
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 60f1fa27a3..ec437da018 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -3508,7 +3508,7 @@ function wp_allowed_protocols() {
 	static $protocols;
 
 	if ( empty( $protocols ) ) {
-		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn' );
+		$protocols = array( 'http', 'https', 'ftp', 'ftps', 'mailto', 'news', 'irc', 'gopher', 'nntp', 'feed', 'telnet', 'mms', 'rtsp', 'svn', 'tel', 'fax' );
 		$protocols = apply_filters( 'kses_allowed_protocols', $protocols );
 	}