diff --git a/gluon/html.py b/gluon/html.py
index 5ae5f4cd..6446bd8c 100644
--- a/gluon/html.py
+++ b/gluon/html.py
@@ -596,10 +596,10 @@ class XML(XmlComponent):
                 for A, IMG and BlockQuote).
                 The key is the tag; the value is a list of allowed attributes.
         """
-        if sanitize:
-            text = sanitizer.sanitize(text, permitted_tags, allowed_attributes)
         if isinstance(text, unicodeT):
             text = to_native(text.encode('utf8', 'xmlcharrefreplace'))
+        if sanitize:
+            text = sanitizer.sanitize(text, permitted_tags, allowed_attributes)
         elif isinstance(text, bytes):
             text = to_native(text)
         elif not isinstance(text, str):
diff --git a/gluon/tests/test_html.py b/gluon/tests/test_html.py
index 6ee181d5..26693efb 100644
--- a/gluon/tests/test_html.py
+++ b/gluon/tests/test_html.py
@@ -170,6 +170,8 @@ class TestBareHelpers(unittest.TestCase):
         # seams that __repr__ is no longer enough
         ##self.assertEqual(XML('1.3'), '1.3')
         self.assertEqual(XML(u'<div>è</div>').xml(), b'<div>\xc3\xa8</div>')
+        # make sure unicode works with sanitize
+        self.assertEqual(XML(u'<div>è</div>', sanitize=True).xml(), b'<div>\xc3\xa8</div>')
         # you can calc len on the class, that equals the xml() and the str()
         ##self.assertEqual(len(XML('1.3')), len('1.3'))
         self.assertEqual(len(XML('1.3').xml()), len('1.3'))