ionicons
bug: validation method does not properly check attributes that start with 'on'
I found a bug related to the icon sanitize method that could affect the security of the component.
Basically, in the `isValid` method, where you should check that no attribute starts with `on`, what actually happens is that the value is checked and not the name of the attribute itself. In this way, as shown below, you could render an icon that on click triggers a function:
I would also suggest, as you can see from the image above, to add two new icons to show in the "Sanitized (shouldn't show)" and "Not Sanitized (should show)" sections (e.g. `sanitize-attr.svg` and `no-sanitize-attr.svg`).
I will open a pull request in order to solve this problem. Thank you very much.
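The mistake the issue describes, as an added example that is not ionicons' own code: a buggy attribute check that inspects the attribute value next to a corrected one that inspects the attribute name. Both walk a DOM-shaped tree (`nodeType`, `nodeName`, `attributes[i].name` / `.value`, `childNodes`), so they work on a real element parsed from an SVG string in a browser as well as on the plain-object trees constructed here for Node. The `el` helper, the sample trees and the `handler()` attribute value are constructed for the demonstration and are not taken from the project.

```javascript
// Added example (not ionicons' own code): the attribute check the issue
// describes, in its buggy form beside a corrected form. Both accept any
// DOM-shaped node (nodeType, nodeName, attributes[i].name/.value, childNodes).

// Buggy variant: looks at the attribute VALUE. An `onClick="handler()"`
// attribute passes (its value does not start with "on"), while a harmless
// `class="onboarding-icon"` is rejected (its value does start with "on").
function isValidBuggy(elm) {
  if (elm.nodeType === 1) {
    if (elm.nodeName.toLowerCase() === 'script') return false;
    for (let i = 0; i < elm.attributes.length; i++) {
      const val = elm.attributes[i].value;
      if (typeof val === 'string' && val.toLowerCase().indexOf('on') === 0) return false;
    }
    for (let i = 0; i < elm.childNodes.length; i++) {
      if (!isValidBuggy(elm.childNodes[i])) return false;
    }
  }
  return true;
}

// Corrected variant: looks at the attribute NAME, case-insensitively, so an
// event-handler attribute on any element in the tree rejects the whole icon,
// and ordinary attributes are left alone whatever their value.
function isValid(elm) {
  if (elm.nodeType === 1) {
    if (elm.nodeName.toLowerCase() === 'script') return false;
    for (let i = 0; i < elm.attributes.length; i++) {
      const name = elm.attributes[i].name;
      if (typeof name === 'string' && name.toLowerCase().startsWith('on')) return false;
    }
    for (let i = 0; i < elm.childNodes.length; i++) {
      if (!isValid(elm.childNodes[i])) return false;
    }
  }
  return true;
}

// Constructed helper that builds a node with the same shape the DOM exposes.
function el(nodeName, attrs, children) {
  return {
    nodeType: 1,
    nodeName,
    attributes: Object.entries(attrs).map(([name, value]) => ({ name, value })),
    childNodes: children || [],
  };
}

// Constructed sample: an icon carrying an event-handler attribute on a nested
// <path>. `handler()` is a placeholder value, not a real function.
const handlerIcon = el('svg', { viewBox: '0 0 512 512' }, [
  el('path', { d: 'M0 0h512v512H0z', onClick: 'handler()' }),
]);

// Constructed sample: a benign icon whose class value happens to begin with "on".
const benignIcon = el('svg', { viewBox: '0 0 512 512', class: 'onboarding-icon' }, [
  el('path', { d: 'M0 0h512v512H0z', fill: 'none' }),
]);

// Runs both checks on one icon so the two outcomes can be read side by side.
function compare(icon) {
  return { buggy: isValidBuggy(icon), fixed: isValid(icon) };
}

console.log('handler icon:', compare(handlerIcon)); // buggy lets it through, fixed rejects it
console.log('benign icon: ', compare(benignIcon));  // buggy rejects it, fixed lets it through
```

The value-based check fails in both directions: the handler attribute is accepted because its value starts with `h`, and a harmless icon is rejected because a class name starts with `on`. Checking the lowercased attribute name fixes both cases, and keeping the recursion over `childNodes` matters because the handler sits on a nested `<path>`, not on the root `<svg>`.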