diff --git a/lazy_srcset/templatetags/lazy_srcset.py b/lazy_srcset/templatetags/lazy_srcset.py
index 7c34a25..fcc5372 100644
--- a/lazy_srcset/templatetags/lazy_srcset.py
+++ b/lazy_srcset/templatetags/lazy_srcset.py
@@ -8,7 +8,7 @@ from django.contrib.staticfiles.storage import staticfiles_storage
 from django.core.files.images import ImageFile
 from django.template.exceptions import TemplateSyntaxError
-from django.utils.html import format_html
+from django.utils.html import format_html, mark_safe
 from imagekit.cachefiles import ImageCacheFile
 from imagekit.registry import generator_registry
@@ -332,8 +332,16 @@ def srcset(*args, **kwargs):
 return format_html(
 'src="{}" srcset="{}" sizes="{}" width="{}" height="{}"',
 output_imgs[0].url,
- ", ".join(srcsets),
- ", ".join(sizes),
+ # ------ FIX ------
+ # mark_safe on joins to prevent the double escaping signed URLs.
+ # format_html already escaped each individual srcset/size entry above,
+ # so the joined string is safe and must not be escaped again.
+ # Example of bug
+ # image url: http://static.com/img.jpg?help=true&dim=480
+ # becomes
+ # http://static.com/img.jpg?help=true&dim=480 -> 404 ERROR
+ mark_safe(", ".join(srcsets)),
+ mark_safe(", ".join(sizes)),
 output_imgs[0].width,
 output_imgs[0].height,
 )
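Review bot: The two `mark_safe(", ".join(...))` arguments are only safe while every element of `srcsets` and `sizes` is already escaped, and that invariant is set up earlier in `srcset()`, outside this hunk, so it cannot be checked here and nothing enforces it if a plain string is appended later. Joining with `format_html_join(", ", "{}", ((s,) for s in srcsets))` (and the same for `sizes`) keeps the fix for the double escaping, because entries that are already safe strings pass through unchanged, while an unescaped entry would still be escaped instead of reaching the attribute raw. That helper lives in `django.utils.html`; `mark_safe` itself is defined in `django.utils.safestring`, so if it stays it is better imported from there than through the re-export used in the first hunk. The eight-line comment block could shrink to one line such as `# entries are already escaped by format_html; do not escape "&" in signed URLs twice`.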