diff --git a/.eslintrc b/.eslintrc
index a31405f5..ad718483 100644
--- a/.eslintrc
+++ b/.eslintrc
@@ -2,6 +2,7 @@
   "root": true,
   "extends": "@1stg",
   "rules": {
+    "unicorn/prefer-set-has": "off",
     "unicorn/template-indent": "off"
   },
   "overrides": [
diff --git a/src/index.ts b/src/index.ts
index 724c8fa3..a9e56396 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -3,24 +3,34 @@ let domParser: DOMParser | undefined
 export type DocumentOrFragment = Document | DocumentFragment
 
 const isDocumentOrFragment = (
-  el: DocumentOrFragment | Element,
+  el: ChildNode | DocumentOrFragment,
 ): el is DocumentOrFragment =>
   el.nodeType === Node.DOCUMENT_NODE ||
   el.nodeType === Node.DOCUMENT_FRAGMENT_NODE
 
-export function getTagName(el: DocumentOrFragment): undefined
-export function getTagName(el: Element): string
-export function getTagName(el: DocumentOrFragment | Element): string | undefined
-export function getTagName(el: DocumentOrFragment | Element) {
-  return 'tagName' in el ? el.tagName.toLowerCase() : undefined
+const isElement = (el: ChildNode | DocumentOrFragment): el is Element =>
+  el.nodeType === Node.ELEMENT_NODE
+
+const isComment = (el: ChildNode): el is Comment =>
+  el.nodeType === Node.COMMENT_NODE
+
+function getTagName(el: Element): string
+function getTagName(el: ChildNode | DocumentOrFragment): string | undefined
+function getTagName(el: ChildNode | DocumentOrFragment) {
+  return isElement(el) ? el.tagName.toLowerCase() : undefined
 }
 
 /**
  * @see https://www.w3schools.com/tags/att_form.asp
  */
-export const DISALLOWED_FORM_ATTR_TAG_NAMES =
+const DISALLOWED_FORM_ATTR_TAG_NAMES =
   'button,fieldset,input,label,meter,object,output,select,textarea'.split(',')
 
+const DISALLOWED_ATTR_NAMES = [
+  'autofocus',
+  ...'fld,formatas,src'.split(',').map(it => `data${it}`),
+]
+
 const sanitizeAttributes = (el: Element) => {
   const tagName = getTagName(el)
   const attrs = el.attributes
@@ -30,9 +40,10 @@ const sanitizeAttributes = (el: Element) => {
     if (name === 'is') {
       attr.value = ''
     } else if (
-      name === 'autofocus' ||
+      DISALLOWED_ATTR_NAMES.includes(name) ||
       (name === 'form' && DISALLOWED_FORM_ATTR_TAG_NAMES.includes(tagName)) ||
-      /^on/i.test(name) ||
+      /^(?:["'<=>`]|on)/i.test(name) ||
+      /\s/.test(name) ||
       /^(?:\w+script|data):/i.test(value.replaceAll(/\r?\n/g, ''))
     ) {
       el.removeAttributeNode(attr)
@@ -44,9 +55,9 @@ const sanitizeAttributes = (el: Element) => {
   return el
 }
 
-const sanitizeChildren = <T extends DocumentOrFragment | Element>(el: T) => {
-  for (let i = 0, len = el.children.length; i < len; i++) {
-    const item = el.children[i]
+const sanitizeChildren = <T extends ChildNode | DocumentOrFragment>(el: T) => {
+  for (let i = 0, len = el.childNodes.length; i < len; i++) {
+    const item = el.childNodes[i]
     const sanitized = sanitizeNode(item, getTagName(el))
     if (sanitized === item) {
       continue
@@ -64,49 +75,68 @@ const sanitizeChildren = <T extends DocumentOrFragment | Element>(el: T) => {
 /**
  * @see https://developer.mozilla.org/en-US/docs/Web/MathML/Authoring#using_mathml
  */
-export const MathML_TAG_NAMES = new Set(
+const MathML_TAG_NAMES =
   'error,frac,i,multiscripts,n,o,over,padded,phantom,root,row,s,space,sqrt,style,sub,subsup,sup,table,td,text,tr,under,underover'
     .split(',')
-    .map(it => `m${it}`),
-)
+    .map(it => `m${it}`)
+
+const DANGEROUS_OR_OBSOLETE_TAG_NAMES = 'event-source,listing'
 
 function sanitizeNode(el: Document): Document
 function sanitizeNode(el: DocumentFragment): DocumentFragment
 function sanitizeNode(
-  el: Element,
+  el: ChildNode,
   parentTagName?: string,
-): Element | string | null
+): ChildNode | string | null | undefined
 function sanitizeNode(
-  el: DocumentOrFragment | Element,
+  el: ChildNode | DocumentOrFragment,
   parentTagName?: string,
 ) {
   if (isDocumentOrFragment(el)) {
     return sanitizeChildren(el)
   }
 
+  if (isComment(el)) {
+    return
+  }
+
+  if (!isElement(el)) {
+    return el
+  }
+
   const tagName = getTagName(el)
 
   if (
-    (parentTagName === 'math' && !MathML_TAG_NAMES.has(tagName)) ||
+    (parentTagName === 'math' && !MathML_TAG_NAMES.includes(tagName)) ||
+    DANGEROUS_OR_OBSOLETE_TAG_NAMES.includes(tagName) ||
     // unknown HTML element
     el instanceof HTMLUnknownElement ||
     // unknown SVG element
-    Object.getPrototypeOf(el) === SVGElement.prototype
+    (Object.getPrototypeOf(el) === SVGElement.prototype &&
+      // https://github.com/jsdom/jsdom/issues/2734
+      !['defs', 'filter', 'g', 'script'].includes(tagName))
   ) {
     return el.textContent
   }
 
   switch (tagName) {
+    case 'style': {
+      if ((el as HTMLStyleElement).sheet?.cssRules.length) {
+        break
+      }
+    }
+    // eslint-disable-next-line no-fallthrough -- intended to remove empty style element
+    case 'embed':
     case 'iframe':
     case 'link':
     case 'meta':
+    case 'object':
     case 'parsererror':
     case 'script':
     // eslint-disable-next-line no-fallthrough -- deprecated tags
     case 'noembed':
     case 'xmp': {
-      el.remove()
-      return
+      return el.remove()
     }
     case 'template': {
       sanitizeChildren((el as HTMLTemplateElement).content)
diff --git a/test/__snapshots__/dompurify.spec.ts.snap b/test/__snapshots__/dompurify.spec.ts.snap
index f8d6ca24..2104792c 100644
--- a/test/__snapshots__/dompurify.spec.ts.snap
+++ b/test/__snapshots__/dompurify.spec.ts.snap
@@ -8,147 +8,51 @@ exports[`dompurify compatibility > 65 > 65 1`] = `
 }
 `;
 
-exports[`dompurify compatibility > 71 > 71 1`] = `
+exports[`dompurify compatibility > 81 > 81 1`] = `
 {
-  "expected": "<div id="17">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="17"><?xml-stylesheet href="javascript:alert(17)"?><root/>//["'\`-->]]>]</div>",
-  "result": "<div id="17"><!--?xml-stylesheet href="javascript:alert(17)"?-->//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="27"><style>p[foo=bar{}*{-o-link:'javascript:alert(27)'}{}*{-o-link-source:current}*{background:red}]{background:green};</style>//["'\`--&gt;]]&gt;]</div><div id="28">1&gt;//["'\`--&gt;]]&gt;]</div>",
+  "payload": "<div id="27"><style>p[foo=bar{}*{-o-link:'javascript:alert(27)'}{}*{-o-link-source:current}*{background:red}]{background:green};</style>//["'\`-->]]>]</div><div id="28">1<animate/xmlns=urn:schemas-microsoft-com:time style=behavior:url(#default#time2)  attributename=innerhtml values=<img/src="."onerror=alert(28)>>//["'\`-->]]>]</div>",
+  "result": "<div id="27">//["'\`--&gt;]]&gt;]</div><div id="28">1&gt;//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
-exports[`dompurify compatibility > 90 > 90 1`] = `
+exports[`dompurify compatibility > 83 > 83 1`] = `
 {
-  "expected": "<div id="37"><img src="x">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="37"><!--<img src="--><img src=x onerror=alert(37)//">//["'\`-->]]>]</div>",
-  "result": "<div id="37"><!--<img src="--><img src="x">//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="30"><style>@import "data:,*%7bx:expression(alert(30))%7D";</style>//["'\`--&gt;]]&gt;]</div>",
+  "payload": "<div id="30"><style>@import "data:,*%7bx:expression(alert(30))%7D";</style>//["'\`-->]]>]</div>",
+  "result": "<div id="30">//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
-exports[`dompurify compatibility > 91 > 91 1`] = `
+exports[`dompurify compatibility > 95 > 95 1`] = `
 {
-  "expected": [
-    "<div id="38"><img src="</comment><img src=x onerror=alert(38)//">//["'\`--&gt;]]&gt;]</div><div id="39"></div>",
-    "<div id="38"><img src="&lt;/comment&gt;&lt;img src=x onerror=alert(38)//">//["'\`--&gt;]]&gt;]</div><div id="39"></div>",
-  ],
-  "payload": "<div id="38"><comment><img src="</comment><img src=x onerror=alert(38)//">//["'\`-->]]>]</div><div id="39"><!-- up to Opera 11.52, FF 3.6.28 -->",
-  "result": "<div id="38">//["'\`--&gt;]]&gt;]</div><div id="39"><!-- up to Opera 11.52, FF 3.6.28 --></div>",
-}
-`;
-
-exports[`dompurify compatibility > 94 > 94 1`] = `
-{
-  "expected": "<div id="40"><img src="x">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="40"><style><img src="</style><img src=x onerror=alert(40)//">//["'\`-->]]>]</div>",
-  "result": "<div id="40"><style><img src="</style><img src="x">//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 97 > 97 1`] = `
-{
-  "expected": "<div id="42"><a href="/. /,alert(42)//#">XXX</a>//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="42"><head><base href="javascript://"/></head><body><a href="/. /,alert(42)//#">XXX</a></body>//["'\`-->]]>]</div>",
-  "result": "<div id="42"><base><a href="/. /,alert(42)//#">XXX</a>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 98 > 98 1`] = `
-{
-  "expected": "<div id="43"></div>",
-  "payload": "<div id="43"><?xml version="1.0" standalone="no"?>",
-  "result": "<div id="43"><!--?xml version="1.0" standalone="no"?--></div>",
-}
-`;
-
-exports[`dompurify compatibility > 103 > 103 1`] = `
-{
-  "expected": "<div id="47"><svg xmlns="http://www.w3.org/2000/svg"></svg>//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="47"><svg xmlns="http://www.w3.org/2000/svg"><script>alert(47)</script></svg>//["'\`-->]]>]</div>",
-  "result": "<div id="47"><svg xmlns="http://www.w3.org/2000/svg">alert(47)</svg>//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="41"><li style="list-style:url()"></li></div>",
+  "payload": "<div id="41"><li style=list-style:url() onerror=alert(41)></li>",
+  "result": "<div id="41"></div>",
 }
 `;
 
-exports[`dompurify compatibility > 105 > 105 1`] = `
+exports[`dompurify compatibility > 100 > 100 1`] = `
 {
-  "expected": "<div id="49">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="49"><OBJECT CLASSID="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><PARAM NAME="DataURL" VALUE="javascript:alert(49)"></OBJECT>//["'\`-->]]>]</div>",
-  "result": "<div id="49"><object classid="clsid:333C7BC4-460F-11D0-BC04-0080C7055A83"><param name="DataURL"></object>//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="44"><style>*[{}@import'test.css?]{color: green;}</style>X//["'\`--&gt;]]&gt;]</div>",
+  "payload": "<div id="44"><style>*[{}@import'test.css?]{color: green;}</style>X//["'\`-->]]>]</div>",
+  "result": "<div id="44">X//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
-exports[`dompurify compatibility > 106 > 106 1`] = `
+exports[`dompurify compatibility > 111 > 111 1`] = `
 {
-  "expected": "<div id="50">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="50"><object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></object>//["'\`-->]]>]</div>",
-  "result": "<div id="50"><object></object>//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="55"><video><source>//["'\`--&gt;]]&gt;]</video></div>",
+  "payload": "<div id="55"><video><source onerror="alert(55)">//["'\`-->]]>]</div>",
+  "result": "<div id="55"><video>//["'\`--&gt;]]&gt;]</video></div>",
 }
 `;
 
-exports[`dompurify compatibility > 107 > 107 1`] = `
+exports[`dompurify compatibility > 112 > 112 1`] = `
 {
-  "expected": "<div id="51">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="51"><embed src="data:text/html;base64,PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg=="></embed>//["'\`-->]]>]</div>",
-  "result": "<div id="51"><embed>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 109 > 109 1`] = `
-{
-  "expected": "<label></label>//["'\`--&gt;]]&gt;]",
-  "payload": "<label dataformatas="html" datasrc="#xss" datafld="payload"></label>//["'\`-->]]>]</div>",
-  "result": "<label dataformatas="html" datasrc="#xss" datafld="payload"></label>//["'\`--&gt;]]&gt;]",
-}
-`;
-
-exports[`dompurify compatibility > 113 > 113 1`] = `
-{
-  "expected": "<div id="57"><b>alert(57)//0</b>//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="57"><b <script>alert(57)//</script>0</script></b>//["'\`-->]]>]</div>",
-  "result": "<div id="57"><b <script="">alert(57)//0</b>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 117 > 117 1`] = `
-{
-  "expected": "<div id="62">
-
-
-
-//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="62"><!-- IE 6-8 -->
-<x '="foo"><x foo='><img src=x onerror=alert(62)//'>
-<!-- IE 6-9 -->
-<! '="foo"><x foo='><img src=x onerror=alert(2)//'>
-<? '="foo"><x foo='><img src=x onerror=alert(3)//'>//["'\`-->]]>]</div>",
-  "result": "<div id="62"><!-- IE 6-8 -->
-
-
-
-//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 118 > 118 1`] = `
-{
-  "expected": "<div id="63"> // O10.10↓, OM10.0↓, GC6↓, FF
-<img>
-<img> // IE6, O10.10↓, OM10.0↓
- // IE6, O11.01↓, OM10.1↓//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="63"><embed src="javascript:alert(63)"></embed> // O10.10↓, OM10.0↓, GC6↓, FF
-<img src="javascript:alert(2)">
-<image src="javascript:alert(2)"> // IE6, O10.10↓, OM10.0↓
-<script src="javascript:alert(3)"></script> // IE6, O11.01↓, OM10.1↓//["'\`-->]]>]</div>",
-  "result": "<div id="63"><embed> // O10.10↓, OM10.0↓, GC6↓, FF
-<img>
-<img> // IE6, O10.10↓, OM10.0↓
- // IE6, O11.01↓, OM10.1↓//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 120 > 120 1`] = `
-{
-  "expected": "<div id="65"><svg xmlns="http://www.w3.org/2000/svg"></svg>//["'\`--&gt;]]&gt;]</div><div id="66"></div>",
-  "payload": "<div id="65"><svg onload="javascript:alert(65)" xmlns="http://www.w3.org/2000/svg"></svg>//["'\`-->]]>]</div><div id="66"><?xml version="1.0"?>",
-  "result": "<div id="65"><svg xmlns="http://www.w3.org/2000/svg"></svg>//["'\`--&gt;]]&gt;]</div><div id="66"><!--?xml version="1.0"?--></div>",
+  "expected": "<div id="56"><video><source></video>//["'\`--&gt;]]&gt;]</div>",
+  "payload": "<div id="56"><video onerror="alert(56)"><source></source></video>//["'\`-->]]>]</div>",
+  "result": "<div id="56"><video></video>//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
@@ -170,67 +74,11 @@ exports[`dompurify compatibility > 121 > 121 1`] = `
 }
 `;
 
-exports[`dompurify compatibility > 125 > 125 1`] = `
-{
-  "expected": "<div id="71">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="71"><// style=x:expression8alert(71)9>//["'\`-->]]>]</div>",
-  "result": "<div id="71"><!--/ style=x:expression8alert(71)9-->//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 127 > 127 1`] = `
-{
-  "expected": "<div id="73">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="73"><event-source src="event.php" onload="alert(73)">//["'\`-->]]>]</div>",
-  "result": "<div id="73"><event-source src="event.php">//["'\`--&gt;]]&gt;]</event-source></div>",
-}
-`;
-
-exports[`dompurify compatibility > 128 > 128 1`] = `
-{
-  "expected": "<div id="74"><a></a>//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="74"><a href="javascript:alert(74)"><event-source src="data:application/x-dom-event-stream,Event:click%0Adata:XXX%0A%0A" /></a>//["'\`-->]]>]</div>",
-  "result": "<div id="74"><a><event-source></event-source></a>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 130 > 130 1`] = `
-{
-  "expected": "<div id="76">&amp;x;//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="76"><?xml-stylesheet type="text/css"?><!DOCTYPE x SYSTEM "test.dtd"><x>&x;</x>//["'\`-->]]>]</div>",
-  "result": "<div id="76"><!--?xml-stylesheet type="text/css"?-->&amp;x;//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 131 > 131 1`] = `
-{
-  "expected": "<div id="77">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="77"><?xml-stylesheet type="text/css"?><root style="x:expression(alert(77))"/>//["'\`-->]]>]</div>",
-  "result": "<div id="77"><!--?xml-stylesheet type="text/css"?-->//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 132 > 132 1`] = `
-{
-  "expected": "<div id="78"><img xmlns="x-schema:test.xdr">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="78"><?xml-stylesheet type="text/xsl" href="#"?><img xmlns="x-schema:test.xdr"/>//["'\`-->]]>]</div>",
-  "result": "<div id="78"><!--?xml-stylesheet type="text/xsl" href="#"?--><img xmlns="x-schema:test.xdr">//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 133 > 133 1`] = `
+exports[`dompurify compatibility > 134 > 134 1`] = `
 {
-  "expected": "<div id="79">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="79"><object allowscriptaccess="always" data="x"></object>//["'\`-->]]>]</div>",
-  "result": "<div id="79"><object allowscriptaccess="always" data="x"></object>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 136 > 136 1`] = `
-{
-  "expected": "<div id="82">//["'\`--&gt;]]&gt;]</div><div id="83">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="82"><?xml-stylesheet type="text/css" href="data:,*%7bx:expression(write(2));%7d"?>//["'\`-->]]>]</div><div id="83"><x:template xmlns:x="http://www.wapforum.org/2001/wml"  x:ontimer="$(x:unesc)j$(y:escape)a$(z:noecs)v$(x)a$(y)s$(z)cript$x:alert(83)"><x:timer value="1"/></x:template>//["'\`-->]]>]</div>",
-  "result": "<div id="82"><!--?xml-stylesheet type="text/css" href="data:,*%7bx:expression(write(2));%7d"?-->//["'\`--&gt;]]&gt;]</div><div id="83">//["'\`--&gt;]]&gt;]</div>",
+  "expected": "<div id="80"><style>*{x:ｅｘｐｒｅｓｓｉｏｎ(alert(80))}</style>//["'\`--&gt;]]&gt;]</div>",
+  "payload": "<div id="80"><style>*{x:ｅｘｐｒｅｓｓｉｏｎ(alert(80))}</style>//["'\`-->]]>]</div>",
+  "result": "<div id="80">//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
@@ -248,67 +96,6 @@ exports[`dompurify compatibility > 139 > 139 1`] = `
 }
 `;
 
-exports[`dompurify compatibility > 141 > 141 1`] = `
-{
-  "expected": "<div id="90">
-<div style="content:url(test2.svg)"></div>
-
-
-
-
-<div style="background:url(test5.svg)">PRESS ENTER</div>//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="90"><!-- Up to Opera 10.63 -->
-<div style=content:url(test2.svg)></div>
-
-<!-- Up to Opera 11.64 - see link below -->
-
-<!-- Up to Opera 12.x -->
-<div style="background:url(test5.svg)">PRESS ENTER</div>//["'\`-->]]>]</div>",
-  "result": "<div id="90"><!-- Up to Opera 10.63 -->
-<div style="content:url(test2.svg)"></div>
-
-<!-- Up to Opera 11.64 - see link below -->
-
-<!-- Up to Opera 12.x -->
-<div style="background:url(test5.svg)">PRESS ENTER</div>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 142 > 142 1`] = `
-{
-  "expected": "<div id="91">[A]
-"&gt;
-"&gt;
-"&gt;
-[B]
-"&gt;
-[C]
-
-[D]
-&lt;% foo&gt;//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="91">[A]
-<? foo="><script>alert(91)</script>">
-<! foo="><script>alert(91)</script>">
-</ foo="><script>alert(91)</script>">
-[B]
-<? foo="><x foo='?><script>alert(91)</script>'>">
-[C]
-<! foo="[[[x]]"><x foo="]foo><script>alert(91)</script>">
-[D]
-<% foo><x foo="%><script>alert(91)</script>">//["'\`-->]]>]</div>",
-  "result": "<div id="91">[A]
-<!--? foo="-->"&gt;
-<!-- foo="-->"&gt;
-<!-- foo="-->"&gt;
-[B]
-<!--? foo="-->"&gt;
-[C]
-
-[D]
-&lt;% foo&gt;//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
 exports[`dompurify compatibility > 146 > 146 1`] = `
 {
   "expected": [
@@ -344,95 +131,6 @@ PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciPjxzY3JpcHQ%2BYWxlcnQoMSk8L3
 }
 `;
 
-exports[`dompurify compatibility > 148 > 148 1`] = `
-{
-  "expected": "<div id="97">
-<div id="d"></div>
-
-
-<div id="d"></div>
-//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="97"><!-- IE 5-9 -->
-<div id=d><x xmlns="><iframe onload=alert(97)"></div>
-<script>d.innerHTML+='';</script>
-<!-- IE 10 in IE5-9 Standards mode -->
-<div id=d><x xmlns='"><iframe onload=alert(2)//'></div>
-<script>d.innerHTML+='';</script>//["'\`-->]]>]</div>",
-  "result": "<div id="97"><!-- IE 5-9 -->
-<div id="d"></div>
-
-<!-- IE 10 in IE5-9 Standards mode -->
-<div id="d"></div>
-//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 151 > 151 1`] = `
-{
-  "expected": [
-    "<div id="102"><img src="x\` \`&lt;script&gt;alert(102)&lt;/script&gt;">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="102"><img src="x\` \`<script>alert(102)</script>">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="102"><img src="x%60%20%60%3Cscript%3Ealert%28102%29%3C/script%3E">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="102">//["'\`--&gt;]]&gt;]</div>",
-  ],
-  "payload": "<div id="102"><img src="x\` \`<script>alert(102)</script>"\` \`>//["'\`-->]]>]</div>",
-  "result": "<div id="102"><img src="x\` \`<script>alert(102)</script>" \`="">//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 154 > 154 1`] = `
-{
-  "expected": [
-    "<div id="106"><img src="">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="106"><img>//["'\`--&gt;]]&gt;]</div>",
-  ],
-  "payload": "<div id="106"><img src onerror /" '"= alt=alert(106)//">//["'\`-->]]>]</div>",
-  "result": "<div id="106"><img src="" "="" '"="alt=alert(106)//&quot;">//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 156 > 156 1`] = `
-{
-  "expected": [
-    "<div id="108">
-<a href="http://foo.bar/#x=\`y"></a><img alt="\`&gt;&lt;img src=xx onerror=alert(108)&gt;&lt;/a&gt;">
-
-<img alt="\`&gt;&lt;img src=xx onerror=alert(2)//">
-<img alt="\`&gt;&lt;img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="108">
-<a href="http://foo.bar/#x=\`y"></a><img alt="\`><img src=xx onerror=alert(108)></a>">
-
-<img alt="\`><img src=xx onerror=alert(2)//">
-<img alt="\`><img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="108">
-<a href="http://foo.bar/#x=%60y"></a><img alt="\`&gt;&lt;img src=xx onerror=alert(108)&gt;&lt;/a&gt;">
-
-<img alt="\`&gt;&lt;img src=xx onerror=alert(2)//">
-<img alt="\`&gt;&lt;img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="108">
-<a href="http://foo.bar/#x=\`y"></a>
-
-<img alt="\`><img src=xx onerror=alert(2)//">
-<img alt="\`><img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-    "<div id="108">
-<a href="http://foo.bar/#x=\`y"></a>
-
-<img alt="\`&gt;&lt;img src=xx onerror=alert(2)//">
-<img alt="\`&gt;&lt;img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-  ],
-  "payload": "<div id="108"><!-- IE 5-8 standards mode -->
-<a href=http://foo.bar/#x=\`y></a><img alt="\`><img src=xx onerror=alert(108)></a>">
-<!-- IE 5-9 standards mode -->
-<!a foo=x=\`y><img alt="\`><img src=xx onerror=alert(2)//">
-<?a foo=x=\`y><img alt="\`><img src=xx onerror=alert(3)//">//["'\`-->]]>]</div>",
-  "result": "<div id="108"><!-- IE 5-8 standards mode -->
-<a href="http://foo.bar/#x=\`y"></a><img alt="\`><img src=xx onerror=alert(108)></a>">
-<!-- IE 5-9 standards mode -->
-<!--a foo=x=\`y--><img alt="\`><img src=xx onerror=alert(2)//">
-<!--?a foo=x=\`y--><img alt="\`><img src=xx onerror=alert(3)//">//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
 exports[`dompurify compatibility > 157 > 157 1`] = `
 {
   "expected": [
@@ -493,14 +191,36 @@ exports[`dompurify compatibility > 158 > 158 1`] = `
 }
 `;
 
-exports[`dompurify compatibility > 161 > 161 1`] = `
+exports[`dompurify compatibility > 160 > 160 1`] = `
 {
-  "expected": "<div id="114">XXX//["'\`--&gt;]]&gt;]</div><div id="115">
+  "expected": [
+    "<div id="112"><div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X</div>//["'\`--&gt;]]&gt;]</div><div id="113"><div id="x">XXX</div>
+<style>
+
+#x{font-family:foo[bar;color:green;}
+
+#y];color:red;{}
+
+</style>//["'\`--&gt;]]&gt;]</div>",
+    "<div id="112"><div>X</div>//["'\`--&gt;]]&gt;]</div><div id="113"><div id="x">XXX</div>
+<style>
+
+#x{font-family:foo[bar;color:green;}
+
+#y];color:red;{}
+
+</style>//["'\`--&gt;]]&gt;]</div>",
+  ],
+  "payload": "<div id="112"><div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X</div>//["'\`-->]]>]</div><div id="113"><div id="x">XXX</div>
+<style>
+
+#x{font-family:foo[bar;color:green;}
+
+#y];color:red;{}
+
+</style>//["'\`-->]]>]</div>",
+  "result": "<div id="112"><div style="font-family:foo{bar;background:url(http://foo.f/oo};color:red/*/foo.jpg);">X</div>//["'\`--&gt;]]&gt;]</div><div id="113"><div id="x">XXX</div>
 //["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="114"><x style="background:url('x[a];color:red;/*')">XXX</x>//["'\`-->]]>]</div><div id="115"><!--[if]><script>alert(115)</script -->
-<!--[if<img src=x onerror=alert(2)//]> -->//["'\`-->]]>]</div>",
-  "result": "<div id="114">XXX//["'\`--&gt;]]&gt;]</div><div id="115"><!--[if]><script>alert(115)</script -->
-<!--[if<img src=x onerror=alert(2)//]> -->//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
@@ -522,18 +242,7 @@ exports[`dompurify compatibility > 172 > 172 1`] = `
     "<div id="125">]&gt;//["'\`--&gt;]]&gt;]</div>",
   ],
   "payload": "<div id="125"><?xml version="1.0"?><?xml-stylesheet type="text/xml" href="#stylesheet"?><!DOCTYPE doc [<!ATTLIST xsl:stylesheet  id    ID    #REQUIRED>]><svg xmlns="http://www.w3.org/2000/svg">    <xsl:stylesheet id="stylesheet" version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">        <xsl:template match="/">            <iframe xmlns="http://www.w3.org/1999/xhtml" src="javascript:alert(125)"></iframe>        </xsl:template>    </xsl:stylesheet>    <circle fill="red" r="40"></circle></svg>//["'\`-->]]>]</div>",
-  "result": "<div id="125"><!--?xml version="1.0"?--><!--?xml-stylesheet type="text/xml" href="#stylesheet"?-->]&gt;<svg xmlns="http://www.w3.org/2000/svg">                                        </svg>//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > 173 > 173 1`] = `
-{
-  "expected": "<div id="126">
-//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="126"><object id="x" classid="clsid:CB927D12-4FF7-4a9e-A169-56E4B8A75598"></object>
-<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" onqt_error="alert(126)" style="behavior:url(#x);"><param name=postdomevents /></object>//["'\`-->]]>]</div>",
-  "result": "<div id="126"><object id="x" classid="clsid:CB927D12-4FF7-4a9e-A169-56E4B8A75598"></object>
-<object classid="clsid:02BF25D5-8C17-4B23-BC80-D3488ABDDC6B" style="behavior:url(#x);"><param name="postdomevents"></object>//["'\`--&gt;]]&gt;]</div>",
+  "result": "<div id="125">]&gt;<svg xmlns="http://www.w3.org/2000/svg">                                        <circle fill="red" r="40"></circle></svg>//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
@@ -568,7 +277,7 @@ exports[`dompurify compatibility > 175 > 175 1`] = `
     "<div id="128"><svg><style><img src="x"></style></svg></div>",
   ],
   "payload": "<div id="128"><svg><style><img/src=x onerror=alert(128)// </b>//["'\`-->]]>]</div>",
-  "result": "<div id="128"><svg></svg><img src="x" <="" b="">//["'\`--&gt;]]&gt;]</div>",
+  "result": "<div id="128"><svg></svg><img src="x" b="">//["'\`--&gt;]]&gt;]</div>",
 }
 `;
 
@@ -624,7 +333,7 @@ exports[`dompurify compatibility > 178 > 178 1`] = `
 <br>
 <input name="secret" type="password">
 </form>
-<!-- injection --><svg height="50px">
+<svg height="50px">
 
 
 
@@ -635,14 +344,6 @@ exports[`dompurify compatibility > 178 > 178 1`] = `
 }
 `;
 
-exports[`dompurify compatibility > 179 > 179 1`] = `
-{
-  "expected": "<div id="133">//["'\`--&gt;]]&gt;]</div>",
-  "payload": "<div id="133"><!-- \`<img/src=xxx onerror=alert(133)//--!>//["'\`-->]]>]</div>",
-  "result": "<div id="133"><!-- \`<img/src=xxx onerror=alert(133)//-->//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
 exports[`dompurify compatibility > 182 > 182 1`] = `
 {
   "expected": [
@@ -678,7 +379,7 @@ exports[`dompurify compatibility > Avoid over-zealous stripping of SVG filter el
 {
   "expected": "<svg><defs><filter id="f1"><feGaussianBlur stdDeviation="15" in="SourceGraphic"></feGaussianBlur></filter></defs><rect filter="url(#f1)" fill="yellow" stroke-width="3" stroke="green" height="90" width="90"></rect></svg>",
   "payload": "<svg><defs><filter id="f1"><feGaussianBlur in="SourceGraphic" stdDeviation="15" /></filter></defs><rect width="90" height="90" stroke="green" stroke-width="3" fill="yellow" filter="url(#f1)" /></svg>",
-  "result": "<svg></svg>",
+  "result": "<svg><defs><filter id="f1"></filter></defs></svg>",
 }
 `;
 
@@ -817,7 +518,7 @@ exports[`dompurify compatibility > Don't remove ARIA attributes if not prohibite
 {
   "expected": "<div class="msg" role="dialog" aria-labelledby="msg--title"><button type="button" aria-label="close" class="modal-close"><i class="icon-close"></i>some button</button></div>",
   "payload": "<div aria-labelledby="msg--title" role="dialog" class="msg"><button class="modal-close" aria-label="close" type="button"><i class="icon-close"></i>some button</button></div>",
-  "result": "<div aria-labelledby="msg--title" role="dialog" class="msg"><button class="modal-close" aria-label="close" type="button"><i class="icon-close"></i>some button</button></div>",
+  "result": "<div aria-labelledby="msg--title" role="dialog" class="msg"><button class="modal-close" aria-label="close" type="button">some button</button></div>",
 }
 `;
 
@@ -856,22 +557,6 @@ exports[`dompurify compatibility > Fixed an exception coming from missing clobbe
 }
 `;
 
-exports[`dompurify compatibility > Image after self-closing style to trick jQuery tag-completion > Image after self-closing style to trick jQuery tag-completion 1`] = `
-{
-  "expected": "<b></b>",
-  "payload": "<b><style><style////><img src=x onerror=alert(1)></style>",
-  "result": "<b><style><style////><img src=x onerror=alert(1)></style></b>",
-}
-`;
-
-exports[`dompurify compatibility > Image after style to trick jQuery tag-completion > Image after style to trick jQuery tag-completion 1`] = `
-{
-  "expected": "<b></b>",
-  "payload": "<b><style><style/><img src=x onerror=alert(1)>",
-  "result": "<b><style><style/><img src=x onerror=alert(1)></style></b>",
-}
-`;
-
 exports[`dompurify compatibility > Image with data URI src > Image with data URI src 1`] = `
 {
   "expected": "<img src="data:image/jpeg,ab798ewqxbaudbuoibeqbla">",
@@ -906,15 +591,15 @@ exports[`dompurify compatibility > Img element inside noscript terminated inside
 {
   "expected": "<b></b>",
   "payload": "<b><noscript><!-- </noscript><img src=x onerror=alert(1) --></noscript>",
-  "result": "<b><noscript><!-- </noscript><img src=x onerror=alert(1) --></noscript></b>",
+  "result": "<b><noscript></noscript></b>",
 }
 `;
 
-exports[`dompurify compatibility > Img inside style inside broken option element > Img inside style inside broken option element 1`] = `
+exports[`dompurify compatibility > Img element inside shadow DOM template > Img element inside shadow DOM template 1`] = `
 {
-  "expected": "
<option></option>",
-  "payload": "
<option><style></option></select><b><img src=x onerror=alert(1)></style></option>",
-  "result": "
<option><style></option></select><b><img src=x onerror=alert(1)></style></option>",
+  "expected": "<template><s><template><s><img src="x">@shafigullin</s></template></s></template>",
+  "payload": "<body><template><s><template><s><img src=x onerror=alert(1)>@shafigullin</s></template></s></template>",
+  "result": "<template></template>",
 }
 `;
 
@@ -1004,10 +689,10 @@ CLICKME<mtext>http://http://google.com</mtext>
 </math>//["'\`-->]]>]</div>",
   "result": "<div id="130"><math>CLICKME</math>
 <math>
-<!-- up to FF 13 -->
+
 CLICKME
 
-<!-- FF 14+ -->
+
 CLICKMEhttp://http://google.com
 </math>//["'\`--&gt;]]&gt;]</div>",
 }
@@ -1061,49 +746,6 @@ exports[`dompurify compatibility > MathML example > MathML example 1`] = `
 `;
 
 exports[`dompurify compatibility > SVG > SVG 1`] = `
-{
-  "expected": [
-    "<div id="135">
-
-<template>
-
-
-</template>
-//["'\`--&gt;]]&gt;]</div>",
-    "<div id="135">
-
-<template>
-new ActiveXObject('htmlfile').parentWindow.alert(135)
-
-</template>
-//["'\`--&gt;]]&gt;]</div>",
-    "<div id="135">
-
-<template>
-new ActiveXObject('htmlfile').parentWindow.alert(135)
-<head></head><body></body>
-</template>
-//["'\`--&gt;]]&gt;]</div>",
-    "<div id="135">
-
-
-//["'\`--&gt;]]&gt;]</div>",
-  ],
-  "payload": "<div id="135"><?xml-stylesheet type="text/xsl" href="#" ?>
-<stylesheet xmlns="http://www.w3.org/TR/WD-xsl">
-<template match="/">
-<eval>new ActiveXObject('htmlfile').parentWindow.alert(135)</eval>
-<if expr="new ActiveXObject('htmlfile').parentWindow.alert(2)"></if>
-</template>
-</stylesheet>//["'\`-->]]>]</div>",
-  "result": "<div id="135"><!--?xml-stylesheet type="text/xsl" href="#" ?-->
-
-
-//["'\`--&gt;]]&gt;]</div>",
-}
-`;
-
-exports[`dompurify compatibility > SVG > SVG 2`] = `
 {
   "expected": "<div id="137"><svg>
 <a xlink:href="?" xmlns:xlink="http://www.w3.org/1999/xlink">
@@ -1147,7 +789,7 @@ exports[`dompurify compatibility > Tests against attribute-based mXSS behavior 1
     "<svg></svg><p><img src="x">"&gt;</p>",
   ],
   "payload": "<svg><p><style><g title="</style><img src=x onerror=alert(1)>">",
-  "result": "<svg></svg><p><style><g title="</style><img src="x">"&gt;</p>",
+  "result": "<svg></svg><p><img src="x">"&gt;</p>",
 }
 `;
 
@@ -1191,30 +833,6 @@ exports[`dompurify compatibility > Tests against nesting-based mXSS behavior 3/5
 }
 `;
 
-exports[`dompurify compatibility > Textarea and comments enabling img element > Textarea and comments enabling img element 1`] = `
-{
-  "expected": "<textarea>@shafigullin</textarea>",
-  "payload": "<textarea>@shafigullin</textarea><!--</textarea><img src=x onerror=alert(1)>-->",
-  "result": "<textarea>@shafigullin</textarea><!--</textarea><img src=x onerror=alert(1)>-->",
-}
-`;
-
-exports[`dompurify compatibility > mXSS Variation I > mXSS Variation I 1`] = `
-{
-  "expected": "&lt;img onerror="alert(1);//" src=x&gt;",
-  "payload": "<listing>&lt;img onerror="alert(1);//" src=x&gt;<t t></listing>",
-  "result": "<listing>&lt;img onerror="alert(1);//" src=x&gt;</listing>",
-}
-`;
-
-exports[`dompurify compatibility > mXSS Variation II > mXSS Variation II 1`] = `
-{
-  "expected": "<img id="" src="x">",
-  "payload": "<img src=x id/=' onerror=alert(1)//'>",
-  "result": "<img src="x" id="" ='="">",
-}
-`;
-
 exports[`dompurify compatibility > onclick, onsubmit, onfocus; DOM clobbering: parentNode > onclick, onsubmit, onfocus; DOM clobbering: parentNode 1`] = `
 {
   "expected": "<div><form><input>123</form></div>",
@@ -1291,6 +909,6 @@ exports[`dompurify compatibility > src Attributes for IMG, AUDIO, VIDEO and SOUR
 {
   "expected": "<img src="data:,123"><audio src="data:,456"></audio><video src="data:,789"></video><source src="data:,012"><div></div>",
   "payload": "<img src="data:,123"><audio src="data:,456"></audio><video src="data:,789"></video><source src="data:,012"><div src="data:,345">",
-  "result": "<img><audio></audio><video></video><source><div></div>",
+  "result": "<img><audio></audio><video></video><div src="data:,345"></div>",
 }
 `;
diff --git a/test/__snapshots__/fixtures.spec.ts.snap b/test/__snapshots__/fixtures.spec.ts.snap
index f1a03dec..1d0ee512 100644
--- a/test/__snapshots__/fixtures.spec.ts.snap
+++ b/test/__snapshots__/fixtures.spec.ts.snap
@@ -6,6 +6,14 @@ exports[`fixtures > fragment 1`] = `
 `;
 
 exports[`fixtures > fragment 2`] = `
+"<div id="11">
+  <svg xmlns="http://www.w3.org/2000/svg">
+    </svg>//["'\\\`--&gt;]]&gt;]
+</div>
+"
+`;
+
+exports[`fixtures > fragment 3`] = `
 "<select>
   <template>
     <img src="x">
diff --git a/test/dompurify.spec.ts b/test/dompurify.spec.ts
index 5b60e22c..1fa3549a 100644
--- a/test/dompurify.spec.ts
+++ b/test/dompurify.spec.ts
@@ -8,7 +8,10 @@ const incorrectOverrides: Partial<Record<string, string>> = {
     'a<svg></svg>',
   'Test against fake-element-based namepsace-confusion abusing mXSS attacks 2/2':
     '<math><mtext><option></option></mtext></math>',
+  'mXSS Variation II': '<img src="x" id="">',
   68: `<div id="14"><input pattern="^((a+.)a)+$" value="aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa!">//["'\`--&gt;]]&gt;]</div>`,
+  91: `<div id="38">//["'\`--&gt;]]&gt;]</div><div id="39"></div>`,
+  97: `<div id="42"><base><a href="/. /,alert(42)//#">XXX</a>//["'\`--&gt;]]&gt;]</div>`,
 }
 
 describe('dompurify compatibility', () => {
@@ -36,6 +39,6 @@ describe('dompurify compatibility', () => {
   }
 
   test('mismatches', () => {
-    expect(mismatches).toMatchInlineSnapshot(`103`)
+    expect(mismatches).toMatchInlineSnapshot(`73`)
   })
 })
diff --git a/test/fixtures/fragment/svg-g.html b/test/fixtures/fragment/svg-g.html
new file mode 100644
index 00000000..e45b02d1
--- /dev/null
+++ b/test/fixtures/fragment/svg-g.html
@@ -0,0 +1,5 @@
+<div id="11">
+  <svg xmlns="http://www.w3.org/2000/svg">
+    <g onload="javascript:alert(11)"></g></svg
+  >//["'\`-->]]>]
+</div>