diff --git a/lib/xss.js b/lib/xss.js
index c6c0de2e..1ab08576 100644
--- a/lib/xss.js
+++ b/lib/xss.js
@@ -1,5 +1,7 @@
 var sanitizeHTML = require("sanitize-html");
+// These tags are allowed in addition to the defaults
+// See https://github.com/punkave/sanitize-html
 const ALLOWED_TAGS = [
 "button",
 "center",
@@ -16,12 +18,11 @@ const ALLOWED_TAGS = [
 const ALLOWED_ATTRIBUTES = [
 "id",
- "aria-hidden",
+ "aria-*",
 "border",
 "class",
 "color",
- "data-dismiss",
- "data-target",
+ "data-*",
 "height",
 "role",
 "style",
diff --git a/package.json b/package.json
index c5399365..b39eec34 100644
--- a/package.json
+++ b/package.json
@@ -22,7 +22,7 @@
 "nodemailer": "^1.2.0",
 "oauth": "^0.9.12",
 "q": "^1.0.1",
- "sanitize-html": "^1.4.3",
+ "sanitize-html": "git://github.com/calzoneman/sanitize-html#5022eb6c",
 "serve-static": "^1.5.3",
 "socket.io": "^1.2.1",
 "yamljs": "^0.1.5"
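Review bot: The `"data-*"` entry in ALLOWED_ATTRIBUTES (second hunk of lib/xss.js) lets sanitized user markup carry every data attribute rather than the two that were listed before. Any client-side script that reads data attributes to decide behaviour will then act on user-chosen values; the old `data-dismiss`/`data-target` entries suggest such a library is loaded, though that is not visible in this diff. Unless every script on the pages rendering this HTML treats data attributes as inert, I would keep the explicit `"data-dismiss",` and `"data-target",` entries, add only the specific names that are needed, and leave `"aria-*"` as the only wildcard. If the wildcard stays, a comment above it such as `// data-* is read by client-side scripts; audit them before widening this list` would record the assumption. The array continues past the end of the hunk, so its remaining entries were not reviewed.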
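Review bot: The new `sanitize-html` specifier in package.json fetches the sanitizer over `git://`, which is neither encrypted nor authenticated, and pins it with an abbreviated commit id. The package that lib/xss.js relies on for HTML filtering is therefore installed from a source that cannot be verified in transit. I would switch to HTTPS and the full 40-character hash, e.g. `"sanitize-html": "git+https://github.com/calzoneman/sanitize-html.git#<full-commit-sha>",`. A fork also stops receiving upstream fixes that the previous `^1.4.3` range would have picked up, so it is worth recording why the fork is needed (presumably for the wildcard attribute support used in lib/xss.js) and when the dependency can return to the published package.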