I am trying to get blog entries into a database with tags and attributes intact. Below, I configured HtmlSanitizer to allow certain elements and attributes. It seems to be working well, except that it strips the src attribute from images. I can't figure out what I am doing wrong:

require_once '../../project_core/vendor/autoload.php';

use Symfony\Component\HtmlSanitizer\HtmlSanitizer;
use Symfony\Component\HtmlSanitizer\HtmlSanitizerConfig;

// Allowed HTML elements and attributes
$allowedElements = array(
'div', 'p', 'br', 'strong', 'i', 'button', 'code', 'pre', 'em', 'a', 'ul', 'ol', 'li', 
'h1', 'h2', 'h3', 'h4', 'h5', 'h6', 'img', 'table', 'tr', 'td', 'th', 'thead', 'tbody', 
'tfoot', 'hr', 'span'
);

$config = (new HtmlSanitizerConfig())
     ->allowSafeElements($allowedElements)
     ->allowRelativeLinks()
     ->allowAttribute('href', 'a')
     ->allowAttribute('title', '*')
     ->allowAttribute('target', 'a')
     ->allowAttribute('src', 'img')
     ->allowAttribute('alt', 'img')
     ->allowAttribute('style', '*')
     ->allowAttribute('class', '*')
     ->allowAttribute('id', '*')
     ->allowAttribute('width', 'img')
     ->allowAttribute('height', 'img')
     ->allowAttribute('border', 'img')
     ->allowAttribute('cellspacing', 'table')
     ->allowAttribute('cellpadding', 'table')
     ->allowAttribute('colspan', 'td')
     ->allowAttribute('rowspan', 'td')
     ->allowAttribute('scope', 'th')
     ->allowAttribute('align', 'table', 'td', 'th')
     ->allowAttribute('valign', 'td', 'th')
     ->allowAttribute('lang', '*')
     ->allowAttribute('dir', '*')
     ->allowAttribute('type', '*')   
     ->allowAttribute('value', '*')
     ->allowAttribute('name', '*')
     ->allowAttribute('placeholder', '*')
     ->allowAttribute('onclick', '*');

$postSanitizer = new HtmlSanitizer($config);