Use DOMPurify isValidAttribute function to
ensure that the attributes processed by
the client-side deserializer are not dangerous