Fix improper handling of IE conditional comments.

Signed-off-by: Edward Z. Yang <ezyang@mit.edu>

library/HTMLPurifier/Lexer.php

@@ -230,6 +230,17 @@ class HTMLPurifier_Lexer
         );
     }
 
+    /**
+     * Special Internet Explorer conditional comments should be removed.
+     */
+    protected static function removeIEConditional($string) {
+        return preg_replace(
+            '#<!--\[if [^>]+\]>.*<!\[endif\]-->#si', // probably should generalize for all strings
+            '',
+            $string
+        );
+    }
+
     /**
      * Callback function for escapeCDATA() that does the work.
      *
@@ -260,6 +271,8 @@ class HTMLPurifier_Lexer
             $html = $this->escapeCommentedCDATA($html);
         }
 
+        $html = $this->removeIEConditional($html);
+
         // escape CDATA
         $html = $this->escapeCDATA($html);