0.12.4dev: fixed XSS vulnerabilities based on CSS with Internet Explorer and wrong pattern for `expression`
- replace comments with a space character instead removing comments
- replace escaped backslashs with two bashslashs
- replace escaped control characters with a space character
