diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 9f9c6e1..b89e3db 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -17,8 +17,8 @@ on:
   pull_request:
     # The branches below must be a subset of the branches above
     branches: [ develop ]
-  schedule:
-    - cron: '28 12 * * 4'
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
 
 jobs:
   evaluate_action_skip:
diff --git a/LICENSE b/LICENSE
index 6fe2f4c..90a2462 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 BSD 3-Clause License
 
-Copyright (c) 2020, spassarop
+Copyright (c) 2021, spassarop
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-anythinggoes.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-anythinggoes.xml
index d58326e..bb88b6c 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-anythinggoes.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-anythinggoes.xml
@@ -1,12 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1" ?>
 
-
 <!--
 W3C rules retrieved from:
 http://www.w3.org/TR/html401/struct/global.html
 -->
 
-
 <anti-samy-rules xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 		xsi:noNamespaceSchemaLocation="antisamy.xsd">
 
@@ -102,8 +100,8 @@ http://www.w3.org/TR/html401/struct/global.html
 		<regexp name="angle" value="(-|\+)?([0-9]+(\.[0-9]+)?)(deg|grads|rad)"/>
 		<regexp name="time" value="([0-9]+(\.[0-9]+)?)(ms|s)"/>
 		<regexp name="frequency" value="([0-9]+(\.[0-9]+)?)(hz|khz)"/>
-		<regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
-		<regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
 		<regexp name="percentage" value="(-|\+)?([0-9]+(\.[0-9]+)?)%"/>
 		<regexp name="positivePercentage" value="(\+)?([0-9]+(\.[0-9]+)?)%"/>
 
@@ -136,7 +134,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	<common-attributes>
 
-
 		<!-- Common to all HTML tags  -->
 
 		<attribute name="id" description="The 'id' of any HTML attribute should not contain anything besides letters and numbers">
@@ -153,9 +150,10 @@ http://www.w3.org/TR/html401/struct/global.html
 
 		<attribute name="lang" description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 		 	<regexp-list>
-		 		<regexp value="[a-zA-Z]{2,20}"/>
+		 		<regexp value="[a-zA-Z0-9-]{2,20}"/>
 		 	</regexp-list>
 		 </attribute>
+    
 		 <attribute name="title" description="The 'title' attribute provides text that shows up in a 'tooltip' when a user hovers their mouse over the element">
 		 	<regexp-list>
 		 		<regexp name="htmlTitle"/>
@@ -168,7 +166,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
  		<!-- the "style" attribute will be validated by an inline stylesheet scanner, so no need to define anything here - i hate having to special case this but no other choice -->
 		 <attribute name="style" description="The 'style' attribute provides the ability for users to change many attributes of the tag's contents using a strict syntax"/>
 
@@ -190,7 +187,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
 		 <!-- Anchor related -->
 
 		 <!--  onInvalid="filterTag" has been removed as per suggestion at OWASP SJ 2007 - just "name" is valid -->
@@ -222,7 +218,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="shape" description="The 'shape' attribute defines the shape of the selectable area">
 			<literal-list>
 				<literal value="default"/>
@@ -232,8 +227,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!--  Table attributes  -->
 
 		<attribute name="border">
@@ -303,7 +296,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		 </attribute>
 
-
 		<attribute name="axis" description="The 'headers' attribute is a comma-separated list of related header cells">
 		 	<regexp-list>
 			 	<regexp value="[a-zA-Z0-9\s*,]*"/>
@@ -317,7 +309,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		</attribute>
 
-
 		<!--  Common positioning attributes  -->
 
 		<attribute name="width">
@@ -352,8 +343,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!-- Intrinsic JavaScript Events -->
 
 		<attribute name="onFocus" description="The 'onFocus' event is executed when the control associated with the tag gains focus">
@@ -414,8 +403,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
-
 		 <!-- If you want users to be able to mess with tabindex, uncomment this -->
 		 <!--
 		 <attribute name="tabindex" description="...">
@@ -425,7 +412,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 </attribute>
 		  -->
 
-
 		 <!-- Input/form related common attributes -->
 
 		 <attribute name="disabled">
@@ -452,7 +438,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="autocomplete">
 			<literal-list>
 				<literal value="on"/>
@@ -474,7 +459,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</common-attributes>
 
-
 	<!--
 	This requires normal updates as browsers continue to diverge from the W3C and each other. As long as the browser wars continue
 	this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after
@@ -513,22 +497,17 @@ http://www.w3.org/TR/html401/struct/global.html
 		<!-- since we're validating the style sheets this is safe to have - switch to "truncate" if the user's html will appear in the html body -->
 		<tag name="title" action="truncate"/>
 
-
 		<!-- Tags related to JavaScript -->
 
 		<tag name="script" action="remove"/>
 		<tag name="noscript" action="validate"/> <!-- although no javascript can fire inside a noscript tag, css is still a viable attack vector -->
 
-
-
 		<!-- Frame & related tags -->
 
 		<tag name="iframe" action="remove"/>
 		<tag name="frameset" action="remove"/>
 		<tag name="frame" action="remove"/>
 
-
-
 		<!-- Form related tags -->
 
 		<tag name="label" action="validate">
@@ -539,7 +518,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!--
 			If you wish to enable any of the form related tags, change the tag's action below from "filter" or "remove" to "validate". The attributes have been
 			hardened so this is safe to do, if it's something you want to allow. Beware the <><ing possibilities!
@@ -697,9 +675,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="accesskey"/>
 		</tag>
 
-
-
-
 		<!-- All formatting tags -->
 
 		<tag name="h1" action="validate"/>
@@ -760,7 +735,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!-- Anchor and anchor related tags -->
 
 		<tag name="a" action="validate">
@@ -792,8 +766,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		</tag>
 		-->
 
-
-
 		<!-- Stylesheet Tags -->
 
 		<tag name="style" action="validate">
@@ -814,10 +786,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		<!-- <attribute name="id"/>  what could an attacker do if they could overwrite an existing div definition? prolly something bad -->
 		<!-- <attribute name="class"/> what could an attacker do if they could specify any class in the namespace? prolly something bad -->
 
-
-
-
-
 		<!-- Image & image related tags -->
 
 		<tag name="img" action="validate">
@@ -876,28 +844,18 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
-
-
-
 		<!-- List tags -->
 
 		<tag name="ul" action="validate"/>
 		<tag name="ol" action="validate"/>
 		<tag name="li" action="validate"/>
 
-
-
-
 		<!-- Dictionary tags -->
 
 		<tag name="dd" action="truncate"/>
 		<tag name="dl" action="truncate"/>
 		<tag name="dt" action="truncate"/>
 
-
-
-
 		<!-- Table tags (tbody, thead, tfoot)-->
 
 		<tag name="thead" action="validate">
@@ -1015,7 +973,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</tag-rules>
 
-
 	<!--  CSS validation processing rules  -->
 
 	<css-rules>
@@ -2573,7 +2530,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="monospace"/>
 			</literal-list>
 
-
 			<regexp-list>
 				<regexp value="[\w,\-&apos;&quot; ]+"/>
 			</regexp-list>
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-ebay.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-ebay.xml
index 7ad8e7a..1275738 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-ebay.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-ebay.xml
@@ -1,12 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1" ?>
 
-
 <!--
 W3C rules retrieved from:
 http://www.w3.org/TR/html401/struct/global.html
 -->
 
-
 <anti-samy-rules xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 		xsi:noNamespaceSchemaLocation="antisamy.xsd">
 
@@ -100,8 +98,8 @@ http://www.w3.org/TR/html401/struct/global.html
 		<regexp name="angle" value="(-|\+)?([0-9]+(\.[0-9]+)?)(deg|grads|rad)"/>
 		<regexp name="time" value="([0-9]+(\.[0-9]+)?)(ms|s)"/>
 		<regexp name="frequency" value="([0-9]+(\.[0-9]+)?)(hz|khz)"/>
-		<regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
-		<regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
 		<regexp name="percentage" value="(-|\+)?([0-9]+(\.[0-9]+)?)%"/>
 		<regexp name="positivePercentage" value="(\+)?([0-9]+(\.[0-9]+)?)%"/>
 
@@ -134,7 +132,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	<common-attributes>
 
-
 		<!-- Common to all HTML tags  -->
 
 		<attribute name="id" description="The 'id' of any HTML attribute should not contain anything besides letters and numbers">
@@ -151,9 +148,10 @@ http://www.w3.org/TR/html401/struct/global.html
 
 		<attribute name="lang" description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 		 	<regexp-list>
-		 		<regexp value="[a-zA-Z]{2,20}"/>
+		 		<regexp value="[a-zA-Z0-9-]{2,20}"/>
 		 	</regexp-list>
 		 </attribute>
+    
 		 <attribute name="title" description="The 'title' attribute provides text that shows up in a 'tooltip' when a user hovers their mouse over the element">
 		 	<regexp-list>
 		 		<regexp name="htmlTitle"/>
@@ -166,7 +164,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
  		<!-- the "style" attribute will be validated by an inline stylesheet scanner, so no need to define anything here - i hate having to special case this but no other choice -->
 		 <attribute name="style" description="The 'style' attribute provides the ability for users to change many attributes of the tag's contents using a strict syntax"/>
 
@@ -188,7 +185,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
 		 <!-- Anchor related -->
 
 		 <!--  onInvalid="filterTag" has been removed as per suggestion at OWASP SJ 2007 - just "name" is valid -->
@@ -214,7 +210,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="shape" description="The 'shape' attribute defines the shape of the selectable area">
 			<literal-list>
 				<literal value="default"/>
@@ -224,8 +219,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!--  Table attributes  -->
 
 		<attribute name="border">
@@ -295,7 +288,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		 </attribute>
 
-
 		<attribute name="axis" description="The 'headers' attribute is a comma-separated list of related header cells">
 		 	<regexp-list>
 			 	<regexp value="[a-zA-Z0-9\s*,]*"/>
@@ -309,7 +301,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		</attribute>
 
-
 		<!--  Common positioning attributes  -->
 
 		<attribute name="width">
@@ -344,8 +335,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!-- Intrinsic JavaScript Events -->
 
 		<attribute name="onFocus" description="The 'onFocus' event is executed when the control associated with the tag gains focus">
@@ -406,8 +395,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
-
 		 <!-- If you want users to be able to mess with tabindex, uncomment this -->
 		 <!--
 		 <attribute name="tabindex" description="...">
@@ -417,7 +404,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 </attribute>
 		  -->
 
-
 		 <!-- Input/form related common attributes -->
 
 		 <attribute name="disabled">
@@ -444,7 +430,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="autocomplete">
 			<literal-list>
 				<literal value="on"/>
@@ -466,7 +451,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</common-attributes>
 
-
 	<!--
 	This requires normal updates as browsers continue to diverge from the W3C and each other. As long as the browser wars continue
 	this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after
@@ -495,16 +479,12 @@ http://www.w3.org/TR/html401/struct/global.html
 		<tag name="script" action="remove"/>
 		<tag name="noscript" action="validate"/> <!-- although no javascript can fire inside a noscript tag, css is still a viable attack vector -->
 
-
-
 		<!-- Frame & related tags -->
 
 		<tag name="iframe" action="remove"/>
 		<tag name="frameset" action="remove"/>
 		<tag name="frame" action="remove"/>
 
-
-
 		<!-- Form related tags -->
 
 		<tag name="label" action="validate">
@@ -515,7 +495,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!-- All formatting tags -->
 
 		<tag name="h1" action="validate"/>
@@ -571,7 +550,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!-- Anchor and anchor related tags -->
 
 		<tag name="a" action="validate">
@@ -603,8 +581,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		</tag>
 		-->
 
-
-
 		<!-- Stylesheet Tags -->
 
 		<tag name="style" action="validate">
@@ -625,7 +601,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		<!-- <attribute name="id"/>  what could an attacker do if they could overwrite an existing div definition? prolly something bad -->
 		<!-- <attribute name="class"/> what could an attacker do if they could specify any class in the namespace? prolly something bad -->
 
-
 		<!-- Image & image related tags -->
 
 		<tag name="img" action="validate">
@@ -684,28 +659,18 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
-
-
-
 		<!-- List tags -->
 
 		<tag name="ul" action="validate"/>
 		<tag name="ol" action="validate"/>
 		<tag name="li" action="validate"/>
 
-
-
-
 		<!-- Dictionary tags -->
 
 		<tag name="dd" action="truncate"/>
 		<tag name="dl" action="truncate"/>
 		<tag name="dt" action="truncate"/>
 
-
-
-
 		<!-- Table tags (tbody, thead, tfoot)-->
 
 		<tag name="thead" action="validate">
@@ -823,7 +788,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</tag-rules>
 
-
 	<!--  CSS validation processing rules  -->
 
 	<css-rules>
@@ -2381,7 +2345,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="monospace"/>
 			</literal-list>
 
-
 			<regexp-list>
 				<regexp value="[\w,\-&apos;&quot; ]+"/>
 			</regexp-list>
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-myspace.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-myspace.xml
index 25cf0e4..2c3e2c5 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-myspace.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-myspace.xml
@@ -1,12 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1" ?>
 
-
 <!--
 W3C rules retrieved from:
 http://www.w3.org/TR/html401/struct/global.html
 -->
 
-
 <anti-samy-rules xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 		xsi:noNamespaceSchemaLocation="antisamy.xsd">
 
@@ -102,8 +100,8 @@ http://www.w3.org/TR/html401/struct/global.html
 		<regexp name="angle" value="(-|\+)?([0-9]+(\.[0-9]+)?)(deg|grads|rad)"/>
 		<regexp name="time" value="([0-9]+(\.[0-9]+)?)(ms|s)"/>
 		<regexp name="frequency" value="([0-9]+(\.[0-9]+)?)(hz|khz)"/>
-		<regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
-		<regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
+		<regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
 		<regexp name="percentage" value="(-|\+)?([0-9]+(\.[0-9]+)?)%"/>
 		<regexp name="positivePercentage" value="(\+)?([0-9]+(\.[0-9]+)?)%"/>
 
@@ -136,7 +134,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	<common-attributes>
 
-
 		<!-- Common to all HTML tags  -->
 
 		<attribute name="id" description="The 'id' of any HTML attribute should not contain anything besides letters and numbers">
@@ -153,9 +150,10 @@ http://www.w3.org/TR/html401/struct/global.html
 
 		<attribute name="lang" description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 		 	<regexp-list>
-		 		<regexp value="[a-zA-Z]{2,20}"/>
+		 		<regexp value="[a-zA-Z0-9-]{2,20}"/>
 		 	</regexp-list>
 		 </attribute>
+    
 		 <attribute name="title" description="The 'title' attribute provides text that shows up in a 'tooltip' when a user hovers their mouse over the element">
 		 	<regexp-list>
 		 		<regexp name="htmlTitle"/>
@@ -168,7 +166,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
  		<!-- the "style" attribute will be validated by an inline stylesheet scanner, so no need to define anything here - i hate having to special case this but no other choice -->
 		 <attribute name="style" description="The 'style' attribute provides the ability for users to change many attributes of the tag's contents using a strict syntax"/>
 
@@ -190,7 +187,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
 		 <!-- Anchor related -->
 
 		 <!--  onInvalid="filterTag" has been removed as per suggestion at OWASP SJ 2007 - just "name" is valid -->
@@ -216,7 +212,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="shape" description="The 'shape' attribute defines the shape of the selectable area">
 			<literal-list>
 				<literal value="default"/>
@@ -226,8 +221,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!--  Table attributes  -->
 
 		<attribute name="border">
@@ -297,7 +290,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		 </attribute>
 
-
 		<attribute name="axis" description="The 'headers' attribute is a comma-separated list of related header cells">
 		 	<regexp-list>
 			 	<regexp value="[a-zA-Z0-9\s*,]*"/>
@@ -311,7 +303,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>
 		</attribute>
 
-
 		<!--  Common positioning attributes  -->
 
 		<attribute name="width">
@@ -346,8 +337,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</literal-list>
 		</attribute>
 
-
-
 		<!-- Intrinsic JavaScript Events -->
 
 		<attribute name="onFocus" description="The 'onFocus' event is executed when the control associated with the tag gains focus">
@@ -408,8 +397,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 </attribute>
 
-
-
 		 <!-- If you want users to be able to mess with tabindex, uncomment this -->
 		 <!--
 		 <attribute name="tabindex" description="...">
@@ -419,7 +406,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 </attribute>
 		  -->
 
-
 		 <!-- Input/form related common attributes -->
 
 		 <attribute name="disabled">
@@ -446,7 +432,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 
-
 		<attribute name="autocomplete">
 			<literal-list>
 				<literal value="on"/>
@@ -468,7 +453,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</common-attributes>
 
-
 	<!--
 	This requires normal updates as browsers continue to diverge from the W3C and each other. As long as the browser wars continue
 	this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after
@@ -497,16 +481,12 @@ http://www.w3.org/TR/html401/struct/global.html
 		<tag name="script" action="remove"/>
 		<tag name="noscript" action="validate"/> <!-- although no javascript can fire inside a noscript tag, css is still a viable attack vector -->
 
-
-
 		<!-- Frame & related tags -->
 
 		<tag name="iframe" action="remove"/>
 		<tag name="frameset" action="remove"/>
 		<tag name="frame" action="remove"/>
 
-
-
 		<!-- Form related tags -->
 
 		<tag name="label" action="validate">
@@ -517,7 +497,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!--
 			If you wish to enable any of the form related tags, change the tag's action below from "filter" or "remove" to "validate". The attributes have been
 			hardened so this is safe to do, if it's something you want to allow. Beware the <><ing possibilities!
@@ -675,9 +654,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="accesskey"/>
 		</tag>
 
-
-
-
 		<!-- All formatting tags -->
 
 		<tag name="h1" action="validate"/>
@@ -733,7 +709,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
 		<!-- Anchor and anchor related tags -->
 
 		<tag name="a" action="validate">
@@ -763,8 +738,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		</tag>
 		-->
 
-
-
 		<!-- Stylesheet Tags -->
 
 		<tag name="style" action="validate">
@@ -782,7 +755,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="align"/>
 		</tag>
 
-
 		<!-- Image & image related tags -->
 
 		<tag name="img" action="validate">
@@ -841,28 +813,18 @@ http://www.w3.org/TR/html401/struct/global.html
 			</attribute>
 		</tag>
 
-
-
-
-
 		<!-- List tags -->
 
 		<tag name="ul" action="validate"/>
 		<tag name="ol" action="validate"/>
 		<tag name="li" action="validate"/>
 
-
-
-
 		<!-- Dictionary tags -->
 
 		<tag name="dd" action="truncate"/>
 		<tag name="dl" action="truncate"/>
 		<tag name="dt" action="truncate"/>
 
-
-
-
 		<!-- Table tags (tbody, thead, tfoot)-->
 
 		<tag name="thead" action="validate">
@@ -980,7 +942,6 @@ http://www.w3.org/TR/html401/struct/global.html
 
 	</tag-rules>
 
-
 	<!--  CSS validation processing rules  -->
 
 	<css-rules>
@@ -2538,7 +2499,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="monospace"/>
 			</literal-list>
 
-
 			<regexp-list>
 				<regexp value="[\w,\-&apos;&quot; ]+"/>
 			</regexp-list>
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-slashdot.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-slashdot.xml
index b479dd6..305a046 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-slashdot.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-slashdot.xml
@@ -55,11 +55,10 @@ Slashdot allowed tags taken from "Reply" page:
 	-->
 
 	<common-attributes>
-		
 
 		<attribute name="lang" description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 		 	<regexp-list>
-		 		<regexp value="[a-zA-Z]{2,20}"/>
+		 		<regexp value="[a-zA-Z0-9-]{2,20}"/>
 		 	</regexp-list>
 		 </attribute>
 		 
@@ -88,7 +87,6 @@ Slashdot allowed tags taken from "Reply" page:
 
 	</common-attributes>
 
-
 	<!--
 	This requires normal updates as browsers continue to diverge from the W3C and each other. As long as the browser wars continue
 	this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after 
@@ -142,8 +140,7 @@ Slashdot allowed tags taken from "Reply" page:
 		
 		<tag name="quote" action="validate"/>
 		<tag name="ecode" action="validate"/> 
-		
-						
+
 		<!-- Anchor and anchor related tags -->
 		
 		<tag name="a" action="validate">
@@ -170,8 +167,6 @@ Slashdot allowed tags taken from "Reply" page:
 		
 	</tag-rules>
 
-
-
 	<!--  No CSS on Slashdot posts -->
 
 	<css-rules>
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-tinymce.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-tinymce.xml
index fd47c96..802cfb9 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-tinymce.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy-tinymce.xml
@@ -58,7 +58,7 @@
 			description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 
 			<regexp-list>
-				<regexp value="[a-zA-Z]{2,20}" />
+				<regexp value="[a-zA-Z0-9-]{2,20}" />
 			</regexp-list>
 		</attribute>
 
@@ -101,7 +101,6 @@
 		this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after
 		a while?
 
-
 	-->
 
 	<global-tag-attributes>
diff --git a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy.xml b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy.xml
index a8569fe..7cb9598 100644
--- a/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy.xml
+++ b/OWASP.AntiSamy/AntiSamyPolicyExamples/antisamy.xml
@@ -1,12 +1,10 @@
 <?xml version="1.0" encoding="ISO-8859-1" ?>
 
-
 <!-- 
 W3C rules retrieved from:
 http://www.w3.org/TR/html401/struct/global.html
 -->
-	
-	
+
 <anti-samy-rules xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 		xsi:noNamespaceSchemaLocation="antisamy.xsd">
 
@@ -106,9 +104,9 @@ http://www.w3.org/TR/html401/struct/global.html
 		<regexp name="number" value="(-|\+)?([0-9]+(\.[0-9]+)?)"/>
 		<regexp name="angle" value="(-|\+)?([0-9]+(\.[0-9]+)?)(deg|grads|rad)"/>
 		<regexp name="time" value="([0-9]+(\.[0-9]+)?)(ms|s)"/>
-		<regexp name="frequency" value="([0-9]+(\.[0-9]+)?)(hz|khz)"/>	
-		<regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
-		<regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?)(em|ex|px|in|cm|mm|pt|pc))"/>
+		<regexp name="frequency" value="([0-9]+(\.[0-9]+)?)(hz|khz)"/>
+    <regexp name="length" value="((-|\+)?0|(-|\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
+    <regexp name="positiveLength" value="((\+)?0|(\+)?([0-9]+(\.[0-9]+)?([eE][+-]?[0-9]+)?)(rem|vw|vh|em|ex|px|in|cm|mm|pt|pc))"/>
 		<regexp name="percentage" value="(-|\+)?([0-9]+(\.[0-9]+)?)%"/>
 		<regexp name="positivePercentage" value="(\+)?([0-9]+(\.[0-9]+)?)%"/>
 		
@@ -142,7 +140,6 @@ http://www.w3.org/TR/html401/struct/global.html
 	-->
 
 	<common-attributes>
-		
 
 		<!-- Common to all HTML tags  -->
 		
@@ -172,9 +169,10 @@ http://www.w3.org/TR/html401/struct/global.html
 
 		<attribute name="lang" description="The 'lang' attribute tells the browser what language the element's attribute values and content are written in">
 		 	<regexp-list>
-		 		<regexp value="[a-zA-Z]{2,20}"/>
+		 		<regexp value="[a-zA-Z0-9-]{2,20}"/>
 		 	</regexp-list>
 		 </attribute>
+    
 		 <attribute name="title" description="The 'title' attribute provides text that shows up in a 'tooltip' when a user hovers their mouse over the element">
 		 	<regexp-list>
 		 		<regexp name="htmlTitle"/>
@@ -214,8 +212,7 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</literal-list>
 		 	
 		 </attribute>
-		 
-		 
+
 		 <!-- Anchor related -->
 		 
 		 <!--  onInvalid="filterTag" has been removed as per suggestion at OWASP SJ 2007 - just "name" is valid -->
@@ -241,8 +238,7 @@ http://www.w3.org/TR/html401/struct/global.html
 		 		
 		 	</regexp-list>
 		 </attribute>
-		
-		
+
 		<attribute name="shape" description="The 'shape' attribute defines the shape of the selectable area">
 			<literal-list>
 				<literal value="default"/>
@@ -251,9 +247,7 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="poly"/>
 			</literal-list>
 		</attribute>
-		
-		
-		
+
 		<!--  Table attributes  -->
 		
 		<attribute name="border">
@@ -323,7 +317,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			</regexp-list>				
 		 </attribute>
 
-
 		<attribute name="axis" description="The 'headers' attribute is a comma-separated list of related header cells">
 		 	<regexp-list>
 			 	<regexp value="[a-zA-Z0-9\s*,]*"/>
@@ -336,8 +329,7 @@ http://www.w3.org/TR/html401/struct/global.html
 				<!-- <regexp value="(nowrap){0,1}"/>  -->
 			</regexp-list>
 		</attribute>
-		
-		
+
 		<!--  Common positioning attributes  -->
 
 		<attribute name="width">
@@ -371,9 +363,7 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="top"/>
 			</literal-list>
 		</attribute>
-		
-		
-		
+
 		<!-- Intrinsic JavaScript Events -->
 		
 		<attribute name="onFocus" description="The 'onFocus' event is executed when the control associated with the tag gains focus">
@@ -433,9 +423,7 @@ http://www.w3.org/TR/html401/struct/global.html
 		 		<literal value="colgroup"/>
 		 	</literal-list>
 		 </attribute>
-		
-		
-		
+
 		 <!-- If you want users to be able to mess with tabindex, uncomment this -->
 		 <!--  
 		 <attribute name="tabindex" description="...">
@@ -444,8 +432,7 @@ http://www.w3.org/TR/html401/struct/global.html
 		 	</regexp-list>
 		 </attribute>
 		  -->
-		 
-		 
+
 		 <!-- Input/form related common attributes -->
 		 
 		 <attribute name="disabled">
@@ -471,8 +458,7 @@ http://www.w3.org/TR/html401/struct/global.html
 		 		<regexp name="number"/>
 		 	</regexp-list>
 		 </attribute>
-		 
-		 
+
 		<attribute name="autocomplete">
 			<literal-list>
 				<literal value="on"/>
@@ -494,7 +480,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		 
 	</common-attributes>
 
-
 	<!--
 	This requires normal updates as browsers continue to diverge from the W3C and each other. As long as the browser wars continue
 	this is going to continue. I'm not sure war is the right word for what's going on. Doesn't somebody have to win a war after 
@@ -538,22 +523,17 @@ http://www.w3.org/TR/html401/struct/global.html
 		<!-- since we're validating the style sheets this is safe to have - switch to "truncate" if the user's html will appear in the html body -->
 		<tag name="title" action="truncate"/>
 
-
 		<!-- Tags related to JavaScript -->
 
 		<tag name="script" action="remove"/>
 		<tag name="noscript" action="validate"/> <!-- although no javascript can fire inside a noscript tag, css is still a viable attack vector -->
-		
-		
-		
+
 		<!-- Frame & related tags -->
 		
 		<tag name="iframe" action="remove"/>
 		<tag name="frameset" action="remove"/>
 		<tag name="frame" action="remove"/>
-		
-		
-		
+
 		<!-- Form related tags -->
 		
 		<tag name="label" action="validate">
@@ -563,7 +543,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				</regexp-list>
 			</attribute>
 		</tag>
-		
 
 		<!--
 			If you wish to enable any of the form related tags, change the tag's action below from "filter" or "remove" to "validate". The attributes have been 
@@ -722,10 +701,7 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="readonly"/>
 			<attribute name="accesskey"/>
 		</tag>
-		
-		
-		
-		
+
 		<!-- All formatting tags -->
 		
 		<tag name="h1" action="validate"/>
@@ -780,7 +756,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				</regexp-list>
 			</attribute>
 		</tag>
-		
 
 		<!-- Anchor and anchor related tags -->
 		
@@ -812,9 +787,7 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="href"/>
 		</tag>
 		-->
-		
-		
-		
+
 		<!-- Stylesheet Tags -->
 		
 		<tag name="style" action="validate">
@@ -832,7 +805,6 @@ http://www.w3.org/TR/html401/struct/global.html
 			<attribute name="align"/>
 		</tag>
 
-	
 		<!-- Image & image related tags -->
 		
 		<tag name="img" action="validate">
@@ -890,29 +862,19 @@ http://www.w3.org/TR/html401/struct/global.html
 				</literal-list>
 			</attribute>
 		</tag>
-		
-		
-		
-				
 
 		<!-- List tags -->
 
 		<tag name="ul" action="validate"/>
 		<tag name="ol" action="validate"/>
 		<tag name="li" action="validate"/>
-		
 
-		
-		
 		<!-- Dictionary tags -->
 		
 		<tag name="dd" action="truncate"/>
 		<tag name="dl" action="truncate"/>
 		<tag name="dt" action="truncate"/>
-		
-
 
-		
 		<!-- Table tags (tbody, thead, tfoot)-->
 		
 		<tag name="thead" action="validate">
@@ -1027,7 +989,6 @@ http://www.w3.org/TR/html401/struct/global.html
 				
 		<tag name="fieldset" action="validate"/>
 		<tag name="legend" action="validate"/>
-		
 
 		<!-- tags for popular Flash embeds -->
 
@@ -1142,7 +1103,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		
 	</tag-rules>
 
-
 	<!--  CSS validation processing rules  -->
 
 	<css-rules>
@@ -2699,8 +2659,7 @@ http://www.w3.org/TR/html401/struct/global.html
 				<literal value="fantasy"/>
 				<literal value="monospace"/>											
 			</literal-list>
-			
-						
+
 			<regexp-list>
 				<regexp value="[\w,\-&apos;&quot; ]+"/>
 			</regexp-list>
@@ -2762,7 +2721,6 @@ http://www.w3.org/TR/html401/struct/global.html
 		<!--  end manual properties -->
 	</css-rules>
 
-
     <allowed-empty-tags>
         <literal-list>
             <literal value="br"/>
diff --git a/OWASP.AntiSamy/Css/CssScanner.cs b/OWASP.AntiSamy/Css/CssScanner.cs
index f28d0f1..b84d72f 100644
--- a/OWASP.AntiSamy/Css/CssScanner.cs
+++ b/OWASP.AntiSamy/Css/CssScanner.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Jerry Hoff, Caner Patir, Sebastián Passaro
+ * Copyright (c) 2021, Jerry Hoff, Caner Patir, Sebastián Passaro
  * 
  * 
  * All rights reserved.
diff --git a/OWASP.AntiSamy/Exceptions/ParseException.cs b/OWASP.AntiSamy/Exceptions/ParseException.cs
index 419d061..5bdb772 100644
--- a/OWASP.AntiSamy/Exceptions/ParseException.cs
+++ b/OWASP.AntiSamy/Exceptions/ParseException.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Caner Patir, Sebastián Passaro
+ * Copyright (c) 2021, Caner Patir, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Exceptions/PolicyException.cs b/OWASP.AntiSamy/Exceptions/PolicyException.cs
index fa17939..b39a7f8 100644
--- a/OWASP.AntiSamy/Exceptions/PolicyException.cs
+++ b/OWASP.AntiSamy/Exceptions/PolicyException.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Exceptions/ScanException.cs b/OWASP.AntiSamy/Exceptions/ScanException.cs
index 560ef1e..68c4dab 100644
--- a/OWASP.AntiSamy/Exceptions/ScanException.cs
+++ b/OWASP.AntiSamy/Exceptions/ScanException.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Exceptions/UnknownSelectorException.cs b/OWASP.AntiSamy/Exceptions/UnknownSelectorException.cs
index 3f4aeb0..e27373a 100644
--- a/OWASP.AntiSamy/Exceptions/UnknownSelectorException.cs
+++ b/OWASP.AntiSamy/Exceptions/UnknownSelectorException.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2020, Sebastián Passaro
+ * Copyright (c) 2009-2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/AntiSamy.cs b/OWASP.AntiSamy/Html/AntiSamy.cs
index d53e8c1..fdb0486 100644
--- a/OWASP.AntiSamy/Html/AntiSamy.cs
+++ b/OWASP.AntiSamy/Html/AntiSamy.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/CleanResults.cs b/OWASP.AntiSamy/Html/CleanResults.cs
index 5ee9b9a..3167334 100644
--- a/OWASP.AntiSamy/Html/CleanResults.cs
+++ b/OWASP.AntiSamy/Html/CleanResults.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/InternalPolicy.cs b/OWASP.AntiSamy/Html/InternalPolicy.cs
index 120a1aa..6a284ae 100644
--- a/OWASP.AntiSamy/Html/InternalPolicy.cs
+++ b/OWASP.AntiSamy/Html/InternalPolicy.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2008-2021, Kristian Rosenvold, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Model/AntiSamyPattern.cs b/OWASP.AntiSamy/Html/Model/AntiSamyPattern.cs
index 3f37953..5e5077e 100644
--- a/OWASP.AntiSamy/Html/Model/AntiSamyPattern.cs
+++ b/OWASP.AntiSamy/Html/Model/AntiSamyPattern.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Model/Attribute.cs b/OWASP.AntiSamy/Html/Model/Attribute.cs
index 91bcbb2..5a1ff88 100644
--- a/OWASP.AntiSamy/Html/Model/Attribute.cs
+++ b/OWASP.AntiSamy/Html/Model/Attribute.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Model/Property.cs b/OWASP.AntiSamy/Html/Model/Property.cs
index 16cfda4..04f063e 100644
--- a/OWASP.AntiSamy/Html/Model/Property.cs
+++ b/OWASP.AntiSamy/Html/Model/Property.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Model/Tag.cs b/OWASP.AntiSamy/Html/Model/Tag.cs
index f6fd328..9487e34 100644
--- a/OWASP.AntiSamy/Html/Model/Tag.cs
+++ b/OWASP.AntiSamy/Html/Model/Tag.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/ParseContext.cs b/OWASP.AntiSamy/Html/ParseContext.cs
index 05d93b5..2f42113 100644
--- a/OWASP.AntiSamy/Html/ParseContext.cs
+++ b/OWASP.AntiSamy/Html/ParseContext.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2007-2020, Arshan Dabirsiaghi, Jason Li, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2007-2021, Arshan Dabirsiaghi, Jason Li, Kristian Rosenvold, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Policy.cs b/OWASP.AntiSamy/Html/Policy.cs
index c642878..3022636 100644
--- a/OWASP.AntiSamy/Html/Policy.cs
+++ b/OWASP.AntiSamy/Html/Policy.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebasti�n Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
@@ -239,6 +239,24 @@ public Policy CloneWithDirective(string name, string value)
         /// <returns> A <see cref="TagMatcher"/> with all the allowed empty tags configured in the policy.</returns>
         internal TagMatcher GetAllowedEmptyTags() => allowedEmptyTagsMatcher;
 
+        /// <summary>A method for returning one of the dynamic &lt;common-attribute&gt; entries by name.</summary>
+        /// <param name="name">The name of the dynamic common-attribute we want to look up.</param>
+        /// <returns>An <see cref="Attribute"/> associated with the common-attribute lookup name specified, or null if not found.</returns>
+        internal Attribute GetDynamicAttributeByName(string name)
+        {
+            Attribute dynamicAttribute = null;
+            string nameLowercase = name.ToLowerInvariant();
+            foreach (KeyValuePair<string, Attribute> attributeEntry in dynamicAttributes)
+            {
+                if (nameLowercase.StartsWith(attributeEntry.Key))
+                {
+                    dynamicAttribute = attributeEntry.Value;
+                    break;
+                }
+            }
+            return dynamicAttribute;
+        }
+
         internal Policy MutateTag(Tag tag)
         {
             var newTagRules = new Dictionary<string, Tag>(tagRules);
@@ -428,7 +446,8 @@ private static void ParseDynamicAttributes(XmlNode dynamicAttributeListNode, Par
                 Attribute toAdd = parseContext.commonAttributes.GetValueOrTypeDefault(name.ToLowerInvariant());
                 if (toAdd != null)
                 {
-                    parseContext.globalAttributes.Add(name.ToLowerInvariant(), toAdd);
+                    string attributeName = name.ToLowerInvariant().Substring(0, name.Length - 1);
+                    parseContext.dynamicAttributes.Add(attributeName, toAdd);
                 }
                 else
                 {
diff --git a/OWASP.AntiSamy/Html/Scan/AntiSamyDomScanner.cs b/OWASP.AntiSamy/Html/Scan/AntiSamyDomScanner.cs
index a8dfd91..9a83b2b 100644
--- a/OWASP.AntiSamy/Html/Scan/AntiSamyDomScanner.cs
+++ b/OWASP.AntiSamy/Html/Scan/AntiSamyDomScanner.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2009-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
@@ -55,9 +55,7 @@ internal class AntiSamyDomScanner
         public Policy Policy { private get; set; }
         // All error messages live in here
         private readonly List<string> errorMessages = new List<string>();
-        // Needed to parse input
-        private readonly XmlDocument document = new XmlDocument();
-        // Needed to represent the parsed version of the input
+
         public AntiSamyDomScanner(Policy policy)
         {
             InitBlock();
@@ -481,6 +479,12 @@ private bool ProcessAttributes(HtmlNode node, Tag tag)
                 if (attribute == null)
                 {
                     attribute = Policy.GetGlobalAttributeByName(name);
+                    
+                    // Not a global attribute, perhaps it is a dynamic attribute, if allowed.
+                    if (attribute == null && Policy.AllowsDynamicAttributes)
+                    {
+                        attribute = Policy.GetDynamicAttributeByName(name);
+                    }
                 }
 
                 if (name.ToLowerInvariant() == "style" && attribute != null)
diff --git a/OWASP.AntiSamy/Html/Scan/Constants.cs b/OWASP.AntiSamy/Html/Scan/Constants.cs
index 78cfcfc..e93db34 100644
--- a/OWASP.AntiSamy/Html/Scan/Constants.cs
+++ b/OWASP.AntiSamy/Html/Scan/Constants.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebasti�n Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/TagMatcher.cs b/OWASP.AntiSamy/Html/TagMatcher.cs
index 5ea901e..7b51d1b 100644
--- a/OWASP.AntiSamy/Html/TagMatcher.cs
+++ b/OWASP.AntiSamy/Html/TagMatcher.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2020, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2013-2021, Kristian Rosenvold, Sebastián Passaro
  *
  * All rights reserved.
  *
diff --git a/OWASP.AntiSamy/Html/Util/DictionaryExtensions.cs b/OWASP.AntiSamy/Html/Util/DictionaryExtensions.cs
index aa3acd8..b7d670f 100644
--- a/OWASP.AntiSamy/Html/Util/DictionaryExtensions.cs
+++ b/OWASP.AntiSamy/Html/Util/DictionaryExtensions.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Sebastián Passaro
+ * Copyright (c) 2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Util/ErrorMessageUtil.cs b/OWASP.AntiSamy/Html/Util/ErrorMessageUtil.cs
index 1de6618..3daf134 100644
--- a/OWASP.AntiSamy/Html/Util/ErrorMessageUtil.cs
+++ b/OWASP.AntiSamy/Html/Util/ErrorMessageUtil.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Sebastián Passaro
+ * Copyright (c) 2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Util/HtmlEntityEncoder.cs b/OWASP.AntiSamy/Html/Util/HtmlEntityEncoder.cs
index 742ddd5..884bdee 100644
--- a/OWASP.AntiSamy/Html/Util/HtmlEntityEncoder.cs
+++ b/OWASP.AntiSamy/Html/Util/HtmlEntityEncoder.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Util/PolicyParserUtil.cs b/OWASP.AntiSamy/Html/Util/PolicyParserUtil.cs
index 31b78e4..59235c0 100644
--- a/OWASP.AntiSamy/Html/Util/PolicyParserUtil.cs
+++ b/OWASP.AntiSamy/Html/Util/PolicyParserUtil.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Arshan Dabirsiaghi, Jason Li, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2008-2021, Arshan Dabirsiaghi, Jason Li, Kristian Rosenvold, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Util/SpecialCharactersEncoder.cs b/OWASP.AntiSamy/Html/Util/SpecialCharactersEncoder.cs
index 1900a7c..4448ddd 100644
--- a/OWASP.AntiSamy/Html/Util/SpecialCharactersEncoder.cs
+++ b/OWASP.AntiSamy/Html/Util/SpecialCharactersEncoder.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Sebastián Passaro
+ * Copyright (c) 2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/Html/Util/XmlUtil.cs b/OWASP.AntiSamy/Html/Util/XmlUtil.cs
index bc6ccc2..b75c22d 100644
--- a/OWASP.AntiSamy/Html/Util/XmlUtil.cs
+++ b/OWASP.AntiSamy/Html/Util/XmlUtil.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2008-2020, Jerry Hoff, Sebastián Passaro
+ * Copyright (c) 2008-2021, Jerry Hoff, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamy/OWASP.AntiSamy.csproj b/OWASP.AntiSamy/OWASP.AntiSamy.csproj
index 0cffe28..eb096d2 100644
--- a/OWASP.AntiSamy/OWASP.AntiSamy.csproj
+++ b/OWASP.AntiSamy/OWASP.AntiSamy.csproj
@@ -22,9 +22,9 @@ Another way of saying that could be: It's an API that helps you make sure that c
     <DefineConstants>NET5_0</DefineConstants>
   </PropertyGroup>
   <ItemGroup>
-    <PackageReference Include="AngleSharp" Version="0.14.0" />
-    <PackageReference Include="AngleSharp.Css" Version="0.14.2" />
-    <PackageReference Include="HtmlAgilityPack" Version="1.11.29" />
+    <PackageReference Include="AngleSharp" Version="0.16.0" />
+    <PackageReference Include="AngleSharp.Css" Version="0.16.1" />
+    <PackageReference Include="HtmlAgilityPack" Version="1.11.36" />
   </ItemGroup>
   <ItemGroup>
     <!-- Added so NuGet copies this folder to the output package -->
diff --git a/OWASP.AntiSamy/Properties/AssemblyInfo.cs b/OWASP.AntiSamy/Properties/AssemblyInfo.cs
index 8c51df1..68ba22e 100644
--- a/OWASP.AntiSamy/Properties/AssemblyInfo.cs
+++ b/OWASP.AntiSamy/Properties/AssemblyInfo.cs
@@ -7,7 +7,7 @@
 // set of attributes. Change these attribute values to modify the information
 // associated with an assembly.
 [assembly: AssemblyTitle("AntiSamy")]
-[assembly: AssemblyDescription("A library for performing fast, configurable cleansing of HTML coming from untrusted sources. Refactored from an old project in .NET framework 2.0 to the current version in .NET core 3.1.\r\n\r\nAnother way of saying that could be: It's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., that get persisted on the server. The term \"malicious code\" in regard to web applications usually mean \"JavaScript.\" Mostly, Cascading Stylesheets are only considered malicious when they invoke JavaScript. However, there are many situations where \"normal\" HTML and CSS can be used in a malicious manner.")]
+[assembly: AssemblyDescription("A library for performing fast, configurable cleansing of HTML coming from untrusted sources. Refactored from an old project in .NET framework 2.0 to the current version in .NET Framework 4.6+, .NET Core 2.0+, .NET Standard 2.0 and .NET 5.\r\n\r\nAnother way of saying that could be: It's an API that helps you make sure that clients don't supply malicious cargo code in the HTML they supply for their profile, comments, etc., that get persisted on the server. The term \"malicious code\" in regard to web applications usually mean \"JavaScript.\" Mostly, Cascading Stylesheets are only considered malicious when they invoke JavaScript. However, there are many situations where \"normal\" HTML and CSS can be used in a malicious manner.")]
 [assembly: AssemblyConfiguration("")]
 [assembly: AssemblyCompany("spassaro")]
 [assembly: AssemblyProduct("AntiSamy")]
diff --git a/OWASP.AntiSamyTests/Html/AntiSamyTest.cs b/OWASP.AntiSamyTests/Html/AntiSamyTest.cs
index 3506e9a..8899ca9 100644
--- a/OWASP.AntiSamyTests/Html/AntiSamyTest.cs
+++ b/OWASP.AntiSamyTests/Html/AntiSamyTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2020, Arshan Dabirsiaghi, Sebastián Passaro
+ * Copyright (c) 2009-2021, Arshan Dabirsiaghi, Sebastián Passaro
  * 
  * All rights reserved.
  * 
@@ -140,7 +140,7 @@ public void TestCssAttacks()
         public void TestEmptyTags()
         {
             string html = antisamy.Scan("<br ><strong></strong><a>hello world</a><b /><i/><hr>", policy).GetCleanHtml();
-                
+
             var regex = new Regex(".*<strong(\\s*)/>.*");
             regex.IsMatch(html).Should().BeFalse();
 
@@ -149,7 +149,7 @@ public void TestEmptyTags()
 
             regex = new Regex(".*<i(\\s*)/>.*");
             regex.IsMatch(html).Should().BeFalse();
-            
+
             (html.Contains("<hr />") || html.Contains("<hr/>")).Should().BeTrue();
         }
 
@@ -170,7 +170,7 @@ public void TestPreserveFontFamily()
         {
             antisamy.Scan("<div style=\"font-family: Geneva, Arial, courier new, sans-serif\">Test</div>", policy).GetCleanHtml().Should().Contain("font-family");
         }
-       
+
         [Test(Description = "Tests issue #30 from owaspantisamy Google Code Archive>: 'missing quotes around properties with spaces'")]
         [Ignore("CDATA is not handled by HtmlAgilityPack the same way than the Java version. The code works but the format is just different.")]
         public void TestCssPropertiesWithMultilineAndCData()
@@ -362,7 +362,7 @@ public void TestLiteralLists()
             CleanResults result = antisamy.Scan("hello<p align='invalid'>world</p>", policy);
             result.GetCleanHtml().Should().NotContain("invalid");
             result.GetNumberOfErrors().Should().Be(1);
-            
+
             antisamy.Scan("hello<p align='left'>world</p>", policy).GetCleanHtml().Should().Contain("left");
         }
 
@@ -409,7 +409,7 @@ public void TestErroneousNewLinesAppearing()
 
             int expectedLocation = header.Length;
             int actualLocation = result.IndexOf(nl);
-            actualLocation.Should().BeInRange(expectedLocation - 1, expectedLocation, 
+            actualLocation.Should().BeInRange(expectedLocation - 1, expectedLocation,
                 because: "According to Java project: 'account for line separator length difference across OSes'");
         }
 
@@ -539,11 +539,20 @@ public void TestHtml5Colon()
         }
 
         [Test(Description = "Tests issue #144 from owaspantisamy Google Code Archive.")]
-        public void TestPinataString ()
+        public void TestPinataString()
         {
             antisamy.Scan("pi\u00f1ata", policy).GetCleanHtml().Should().Be("pi\u00f1ata");
         }
 
+        [Test]
+        public void TestHtml5DynamicDataAttribute()
+        {
+            // Test good attribute "data-"
+            antisamy.Scan("<p data-tag=\"abc123\">Hello World!</p>", policy).GetCleanHtml().Should().Be("<p data-tag=\"abc123\">Hello World!</p>");
+            // Test bad attribute "dat-"
+            antisamy.Scan("<p dat-tag=\"abc123\">Hello World!</p>", policy).GetCleanHtml().Should().Be("<p>Hello World!</p>");
+        }
+
         [Test]
         public void TestXssOnMouseOver()
         {
@@ -738,5 +747,41 @@ public void TestTagTruncation()
             antisamy.Scan("<section><div class='.divToTruncate'>Div only contains this text<span>Confirmed</span></div></section>", revised)
                 .GetCleanHtml().Should().Be("<section><div>Div only contains this text</div></section>");
         }
+
+        [Test(Description = "Tests issue #81 from nahsra/antisamy on GitHub.")]
+        public void TestPreserveImportantOnCssProperty()
+        {
+            antisamy.Scan("<p style=\"color: red !important\">Some Text</p>", policy).GetCleanHtml().Should().Contain("!important");
+        }
+
+        [Test]
+        public void TestEntityReferenceEncodedInHtmlAttribute()
+        {
+            antisamy.Scan("<p><a href=\"javascript&#00058x=1,%61%6c%65%72%74%28%22%62%6f%6f%6d%22%29\">xss</a></p>", policy).GetCleanHtml().Should().Contain("javascript&amp;#00058");
+        }
+
+        [Test(Description = "Tests issue #101 from nahsra/antisamy on GitHub.")]
+        public void TestManySingificantFiguresAndExponentialValuesOnCss()
+        {
+            // Test that margin attribute is not removed when value has too much significant figures.
+            // Current behavior is that decimals like 0.00001 are internally translated to 1E-05, this
+            // is reflected on regex validation and actual output. The inconsistency is due to Batik CSS.
+            antisamy.Scan("<p style=\"margin: 0.0001pt;\">Some text.</p>", policy).GetCleanHtml().Should().Contain("margin");
+            antisamy.Scan("<p style=\"margin: 10000000pt;\">Some text.</p>", policy).GetCleanHtml().Should().Contain("margin");
+            
+            // When using exponential directly the "e" or "E" is internally considered as the start of
+            // the dimension/unit type. This creates inconsistencies that make the regex validation fail or value gets deleted.
+            antisamy.Scan("<p style=\"margin: 1.0E-04pt;\">Some text.</p>", policy).GetCleanHtml().Should().NotContain("margin");
+            antisamy.Scan("<p style=\"margin: 1.0E+04pt;\">Some text.</p>", policy).GetCleanHtml().Should().NotContain("margin");
+        }
+
+        [Test]
+        public void TestCssUnits()
+        {
+            const string input = "<div style=\"width:50vw;height:50vh;padding:1rpc;\">\n" +
+                "\t<p style=\"font-size:1.5ex;padding-left:1rem;padding-top:16px;\">Some text.</p>\n" +
+                "</div>";
+            antisamy.Scan(input, policy).GetCleanHtml().Should().ContainAll("ex", "px", "rem", "vw", "vh").And.NotContain("rpc");
+        }
     }
 }
diff --git a/OWASP.AntiSamyTests/Html/LiteralTest.cs b/OWASP.AntiSamyTests/Html/LiteralTest.cs
index ab7b72d..1ef194d 100644
--- a/OWASP.AntiSamyTests/Html/LiteralTest.cs
+++ b/OWASP.AntiSamyTests/Html/LiteralTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2020, Arshan Dabirsiaghi, Sebastián Passaro
+ * Copyright (c) 2009-2021, Arshan Dabirsiaghi, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamyTests/Html/LocalizationTest.cs b/OWASP.AntiSamyTests/Html/LocalizationTest.cs
index d85bdba..32d5602 100644
--- a/OWASP.AntiSamyTests/Html/LocalizationTest.cs
+++ b/OWASP.AntiSamyTests/Html/LocalizationTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Sebastián Passaro
+ * Copyright (c) 2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamyTests/Html/Model/TagTest.cs b/OWASP.AntiSamyTests/Html/Model/TagTest.cs
index 8370002..09ba96d 100644
--- a/OWASP.AntiSamyTests/Html/Model/TagTest.cs
+++ b/OWASP.AntiSamyTests/Html/Model/TagTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2020, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2013-2021, Kristian Rosenvold, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamyTests/Html/PolicyTest.cs b/OWASP.AntiSamyTests/Html/PolicyTest.cs
index 895fd9d..bf2aabc 100644
--- a/OWASP.AntiSamyTests/Html/PolicyTest.cs
+++ b/OWASP.AntiSamyTests/Html/PolicyTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2009-2020, Arshan Dabirsiaghi, Sebastián Passaro
+ * Copyright (c) 2009-2021, Arshan Dabirsiaghi, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamyTests/Html/TagMatcherTest.cs b/OWASP.AntiSamyTests/Html/TagMatcherTest.cs
index de6e219..0a035dd 100644
--- a/OWASP.AntiSamyTests/Html/TagMatcherTest.cs
+++ b/OWASP.AntiSamyTests/Html/TagMatcherTest.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013-2020, Kristian Rosenvold, Sebastián Passaro
+ * Copyright (c) 2013-2021, Kristian Rosenvold, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/OWASP.AntiSamyTests/TestConstants.cs b/OWASP.AntiSamyTests/TestConstants.cs
index efe105c..d9aa8b9 100644
--- a/OWASP.AntiSamyTests/TestConstants.cs
+++ b/OWASP.AntiSamyTests/TestConstants.cs
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2020, Sebastián Passaro
+ * Copyright (c) 2021, Sebastián Passaro
  * 
  * All rights reserved.
  * 
diff --git a/README.md b/README.md
index 897fb09..b9c1606 100644
--- a/README.md
+++ b/README.md
@@ -135,9 +135,9 @@ dotnet test OWASP.AntiSamy.sln
 
 ## Dependencies
 Core:
--   AngleSharp (v0.14.0)
--   AngleSharp.Css (v0.14.2)
--   HtmlAgilityPack (v1.11.29)
+-   AngleSharp (v0.16.0)
+-   AngleSharp.Css (v0.16.1)
+-   HtmlAgilityPack (v1.11.36)
 
 Tests:
 -   FluentAssertions (v5.10.3)