diff --git a/src/Microsoft.AspNet.WebUtilities/Encoders/UnicodeEncoderBase.cs b/src/Microsoft.AspNet.WebUtilities/Encoders/UnicodeEncoderBase.cs
index 7b6c0ae50e..19b5ddd90a 100644
--- a/src/Microsoft.AspNet.WebUtilities/Encoders/UnicodeEncoderBase.cs
+++ b/src/Microsoft.AspNet.WebUtilities/Encoders/UnicodeEncoderBase.cs
@@ -53,7 +53,7 @@ namespace Microsoft.AspNet.WebUtilities.Encoders
 ForbidCharacter('+'); // technically not HTML-specific, but can be used to perform UTF7-based attacks
 // Forbid codepoints which aren't mapped to characters or which are otherwise always disallowed
- // (includes categories Cc, Cs, Co, Cn, Zl, Zp)
+ // (includes categories Cc, Cs, Co, Cn, Zs [except U+0020 SPACE], Zl, Zp)
 uint[] definedCharactersBitmap = UnicodeHelpers.GetDefinedCharacterBitmap();
 Debug.Assert(definedCharactersBitmap.Length == _allowedCharsBitmap.Length);
 for (int i = 0; i < _allowedCharsBitmap.Length; i++)
diff --git a/src/Microsoft.AspNet.WebUtilities/compiler/resources/unicode-7.0.0-defined-characters.bin b/src/Microsoft.AspNet.WebUtilities/compiler/resources/unicode-7.0.0-defined-characters.bin
index 61406a9b82..c9b36c871d 100644
Binary files a/src/Microsoft.AspNet.WebUtilities/compiler/resources/unicode-7.0.0-defined-characters.bin and b/src/Microsoft.AspNet.WebUtilities/compiler/resources/unicode-7.0.0-defined-characters.bin differ
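Review bot: The updated comment above `definedCharactersBitmap` is the only reviewable statement that Zs separators other than U+0020 are now forbidden, because the policy itself lives in `unicode-7.0.0-defined-characters.bin`, which shows here only as "Binary files ... differ". No test or generator change is visible in this diff, so I would pin the new behaviour with a unit test on `UnicodeHelpers.GetDefinedCharacterBitmap()` asserting that the bits for Zs code points such as U+00A0 and U+3000 are cleared while the bit for U+0020 stays set. It would also help to extend the comment with where the bitmap comes from, for example `// bitmap content is produced by <generator tool>; regenerate it when the excluded categories change`, so that the comment and the blob cannot drift apart unnoticed. The enclosing constructor starts and ends outside the hunk.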