diff --git a/CHANGES b/CHANGES
index 0c7a8e1e..10a2fe1c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -14,6 +14,7 @@ Release date to be decided.
 - Added ``template_test`` methods in addition to the already existing ``template_filter`` method family.
 - Set the content-length header for x-sendfile.
+- ``tojson`` filter now does not escape script blocks in HTML5 parsers.
 Version 0.9
 -----------
diff --git a/flask/helpers.py b/flask/helpers.py
index 07c8add2..9491ac55 100644
--- a/flask/helpers.py
+++ b/flask/helpers.py
@@ -45,11 +45,13 @@ from .globals import session, _request_ctx_stack, _app_ctx_stack, \
 # figure out if simplejson escapes slashes. This behavior was changed
 # from one version to another without reason.
-if '\\/' not in json.dumps('/'):
- def _tojson_filter(*args, **kwargs):
- return json.dumps(*args, **kwargs).replace('/', '\\/')
-else:
- _tojson_filter = json.dumps
+_slash_escape = '\\/' not in json.dumps('/')
+
+def _tojson_filter(*args, **kwargs):
+ rv = json.dumps(*args, **kwargs)
+ if _slash_escape:
+ rv = rv.replace('/', '\\/')
+ return rv.replace('"') rv = render('{{ "<\0/script>"|tojson|safe }}') self.assert_equal(rv, '"<\\u0000\\/script>"') + rv = render('{{ "
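Review bot: In the new `_tojson_filter` in flask/helpers.py, the only escaping fully visible is the `/` replacement, so `<`, `>`, `&` and `'` in serialized values still reach the page verbatim and `|tojson|safe` output is safe only as the direct content of a `<script>` element, not inside an HTML attribute. The final `return rv.replace(...)` line is truncated in this view and the hunk's trailing context is missing, so what it rewrites cannot be confirmed here; if it targets one more specific sequence, it is still a denylist of known-bad prefixes. Escaping the markup characters themselves is more robust and would make the simplejson slash probe unnecessary: `return json.dumps(*args, **kwargs).replace('<', '\\u003c').replace('>', '\\u003e').replace('&', '\\u0026')`. A short docstring on `_tojson_filter` stating the context in which the output is safe would also help template authors.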