diff --git a/config/application.rb b/config/application.rb
index edee240..f4f2556 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -19,6 +19,12 @@ module Noosfero
 require 'noosfero/plugin'
+ # Adds custom attributes to the Set of allowed html attributes for the #sanitize helper
+ config.action_view.sanitized_allowed_attributes = 'align', 'border', 'alt', 'vspace', 'hspace', 'width', 'heigth', 'value', 'type', 'data', 'style', 'target', 'codebase', 'archive', 'classid', 'code', 'flashvars', 'scrolling', 'frameborder', 'controls', 'autoplay'
+
+ # Adds custom tags to the Set of allowed html tags for the #sanitize helper
+ config.action_view.sanitized_allowed_tags = 'object', 'embed', 'param', 'table', 'tr', 'th', 'td', 'applet', 'comment', 'iframe', 'audio', 'video', 'source'
+
 # Settings in config/environments/* take precedence over those specified here.
 # Application configuration should go into files in config/initializers
 # -- all .rb files in that directory are automatically loaded.
diff --git a/vendor/plugins/monkey_patches/init.rb b/vendor/plugins/monkey_patches/init.rb
index eb34bbd..98c0650 100644
--- a/vendor/plugins/monkey_patches/init.rb
+++ b/vendor/plugins/monkey_patches/init.rb
@@ -1,2 +1,3 @@
 require File.join(File.dirname(__FILE__), 'attachment_fu_validates_attachment/init')
 require File.join(File.dirname(__FILE__), 'attachment_fu/init')
+require File.join(File.dirname(__FILE__), 'white_list_sanitizer_unescape_before_reescape/init')
diff --git a/vendor/plugins/monkey_patches/white_list_sanitizer_unescape_before_reescape/init.rb b/vendor/plugins/monkey_patches/white_list_sanitizer_unescape_before_reescape/init.rb
index a6cecb6..ba56f32 100644
--- a/vendor/plugins/monkey_patches/white_list_sanitizer_unescape_before_reescape/init.rb
+++ b/vendor/plugins/monkey_patches/white_list_sanitizer_unescape_before_reescape/init.rb
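Review bot: `'heigth'` in the sanitized_allowed_attributes list is a typo, so a real `height` attribute is still stripped while the misspelled name is whitelisted; change it to `'height'`. The bigger concern is that whitelisting `object`, `embed`, `applet` and `iframe` together with `data`, `codebase`, `classid`, `code`, `archive` and `flashvars` lets any sanitized user content embed arbitrary external active content, which is exactly the markup class WhiteListSanitizer exists to strip; if the product needs embeds, restrict them to known hosts in a dedicated filter instead of widening the global allow list. As far as I recall, the sanitizer's protocol check only covers its uri_attributes set (href, src and a few others), so URI-valued attributes such as `data` and `codebase` would pass through without a protocol check — confirm, and if so either register them via `config.action_view.sanitized_uri_attributes` or drop them. A short comment stating why each non-standard tag and attribute is required would help the next reviewer judge the list.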
@@ -1,10 +1,8 @@
-# monkey patch to fix WhiteListSanitizer bug
-# http://apidock.com/rails/HTML/WhiteListSanitizer/process_attributes_for
-#
-# this was solved in rails 2.2.1, then remove this patch when upgrade to it
+# encoding: utf-8
 HTML::WhiteListSanitizer.module_eval do
+ #unescape html comments
 def sanitize_with_filter_fixes(*args, &block)
 text = sanitize_without_filter_fixes(*args, &block)
 if text
@@ -17,19 +15,4 @@ HTML::WhiteListSanitizer.module_eval do
 end
 alias_method_chain :sanitize, :filter_fixes
- # unescape before reescape to avoid:
- # & -> & -> & -> & -> & -> etc
- protected
- def process_attributes_for(node, options)
- return unless node.attributes
- node.attributes.keys.each do |attr_name|
- value = node.attributes[attr_name].to_s
-
- if !options[:attributes].include?(attr_name) || contains_bad_protocols?(attr_name, value)
- node.attributes.delete(attr_name)
- else
- node.attributes[attr_name] = attr_name == 'style' ? sanitize_css(value) : CGI::escapeHTML(value.gsub('&', '&'))
- end
- end
- end
 end
-- 
libgit2 0.21.2
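Review bot: The removed header was the only explanation of this patch, and the replacement `#unescape html comments` does not say which escaped sequences `sanitize_with_filter_fixes` reverts in the output of `sanitize_without_filter_fixes`, or why reverting them after sanitization is safe; the method body continues outside the hunk, so the diff alone does not show it. Suggest replacing the one-line comment with a short header that names the Rails sanitizer version this targets, states what the post-processing changes in the sanitized HTML, and gives the condition under which the patch can be dropped, as the old header did. With `process_attributes_for` removed, the directory name `white_list_sanitizer_unescape_before_reescape` (and the matching `require` added in vendor/plugins/monkey_patches/init.rb) no longer describes what the file does, which is worth renaming or at least noting in that header.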