--- includes/form.inc	2009-08-17 03:12:15.000000000 -0400
+++ includes/form.inc	2009-08-17 13:32:49.000000000 -0400
@@ -2587,7 +2587,7 @@
  */
 function form_clean_id($id = NULL) {
   $seen_ids = &drupal_static(__FUNCTION__, array());
-  $id = str_replace(array('][', '_', ' '), '-', $id);
+  $id = preg_replace('/[^A-Za-z0-9:.-]/', '-', $id);
 
   // Ensure IDs are unique. The first occurrence is held but left alone.
   // Subsequent occurrences get a number appended to them. This incrementing