From 754c601e34516b6bf249a2230744e1c81547b9b9 Mon Sep 17 00:00:00 2001 From: Ron Kok Date: Sat, 11 Jul 2020 11:04:27 -0700 Subject: [PATCH] Add note re: HTML to security documentation page (#2296) * Add note re: HTML to security documentation page * Update docs/security.md Co-authored-by: ylemkimon Co-authored-by: ylemkimon Co-authored-by: Erik Demaine --- docs/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/security.md b/docs/security.md index 609d0b05..ac714b11 100644 --- a/docs/security.md +++ b/docs/security.md @@ -13,7 +13,7 @@ A variety of options give finer control over the security of KaTeX with untrusted inputs; refer to [Options](options.md) for more details. * `maxSize` can prevent large width/height visual affronts. * `maxExpand` can prevent infinite macro loop attacks. -* `trust` can allow certain commands that are not always safe (e.g., `\includegraphics`) +* `trust` can allow certain commands that may load external resources or change HTML attributes and thus are not always safe (e.g., `\includegraphics` or `\htmlClass`) The error message thrown by KaTeX may contain unescaped LaTeX source code. See [Handling Errors](error.md) for more details.
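Review bot: The rewritten `trust` bullet in docs/security.md still ends without a period, while the `maxSize` and `maxExpand` bullets directly above it end with one; add the period after the closing parenthesis. The bullet also differs from its two siblings in direction: they say what the option prevents, this one says what `trust` allows, so a reader handling untrusted input is not told which setting is the safe one. Consider stating that explicitly in the bullet, and tying each example to its risk if the pairing is meant in the order written (`\includegraphics` for loading external resources, `\htmlClass` for changing HTML attributes).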