diff --git a/Client/Frontend/Browser/BrowserViewController/BrowserViewController+WebViewDelegates.swift b/Client/Frontend/Browser/BrowserViewController/BrowserViewController+WebViewDelegates.swift
index 96f8d78690d3..e9a02bdbb237 100644
--- a/Client/Frontend/Browser/BrowserViewController/BrowserViewController+WebViewDelegates.swift
+++ b/Client/Frontend/Browser/BrowserViewController/BrowserViewController+WebViewDelegates.swift
@@ -446,8 +446,9 @@ extension BrowserViewController: WKNavigationDelegate {
                 return
             }
 
-            // Allow plan text types
-            if url.hasPrefix("data:;") || url.hasPrefix("data:,") || url.hasPrefix("data:text/plain") {
+            // Allow plain text types.
+            // Note the format of data URLs is `data:[<media type>][;base64],<data>` with empty <media type> indicating plain text.
+            if url.hasPrefix("data:;base64,") || url.hasPrefix("data:,") || url.hasPrefix("data:text/plain,") || url.hasPrefix("data:text/plain;") {
                 decisionHandler(.allow)
                 return
             }
diff --git a/UITests/SecurityTests.swift b/UITests/SecurityTests.swift
index b96ed3cc798a..03b23b2bb739 100644
--- a/UITests/SecurityTests.swift
+++ b/UITests/SecurityTests.swift
@@ -140,7 +140,7 @@ class SecurityTests: KIFTestCase {
             beforeEach()
         }
 
-        // Check data url that is no allowed
+        // Check data url that is not allowed
         tester().tapWebViewElementWithAccessibilityLabel("data-url-html-bad")
         tester().wait(forTimeInterval: 1)
         let webView = tester().waitForView(withAccessibilityLabel: "Web content") as! WKWebView