diff --git a/lib/loofah/html5/whitelist.rb b/lib/loofah/html5/whitelist.rb
index 6a3acb8c..385cbf70 100644
--- a/lib/loofah/html5/whitelist.rb
+++ b/lib/loofah/html5/whitelist.rb
@@ -390,7 +390,6 @@ module WhiteList
"font-style",
"font-variant",
"font-weight",
- "from",
"fx",
"fy",
"g1",
diff --git a/test/integration/test_ad_hoc.rb b/test/integration/test_ad_hoc.rb
index 29af40be..ac1e28cc 100644
--- a/test/integration/test_ad_hoc.rb
+++ b/test/integration/test_ad_hoc.rb
@@ -188,8 +188,17 @@ def test_dont_remove_whitespace_between_tags
assert_equal %{example.com}, attributes.first.value
end
end
-
end
+ # see:
+ # - https://github.com/flavorjones/loofah/issues/154
+ # - https://hackerone.com/reports/429267
+ context "xss protection from svg xmlns:xlink animate attribute" do
+ it "sanitizes appropriate attributes" do
+ html = %Q{