From dbd4f4d0f4122e9374d856a3359041fecc8dd934 Mon Sep 17 00:00:00 2001 From: Daniel Pimley Date: Sat, 17 Aug 2024 12:34:51 +0100 Subject: [PATCH] Updated README --- README.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 719b9a0..a055b00 100644 --- a/README.md +++ b/README.md @@ -82,6 +82,7 @@ For GitHub-Flavored Markdown: - `$parser->enableNewlines = true` to convert all newlines in the text to `
` tags. - `$parser->renderCheckboxInputs = true` to render task items as inputs instead of emoji. +- `$parser->disallowedRawHTML = false` to disable section 6.11 of the GFM specification. For GitLab-Flavored Markdown: @@ -95,9 +96,9 @@ Security Considerations By design Markdown [allows HTML to be included within the Markdown text](https://spec.commonmark.org/0.31.2/#html-blocks), meaning that the input may contain Javascript and CSS styles. This allows Markdown to be very flexible for creating output that is not limited by the Markdown syntax, but it comes with a security risk if you are parsing untrusted input (see [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting)). -The GitHub-Flavored Markdown specification includes an extension to CommonMark, [Disallowed Raw HTML (section 6.11)](https://github.github.com/gfm/#disallowed-raw-html-extension-), which defines a subset of raw HTML to be filtered and rendered as text in the output. **This parser does not implement section 6.11 of the GitHub-Flavored Markdown specification.** +The GitHub-Flavored Markdown specification includes an extension to CommonMark, [Disallowed Raw HTML (section 6.11)](https://github.github.com/gfm/#disallowed-raw-html-extension-), which defines a subset of raw HTML to be filtered and rendered as text in the output. This parser implements section 6.11 of the GFM specification. -If you are parsing user input or any other type of untrusted input, you should process the resulting HTML with tools like [HTML Purifier](http://htmlpurifier.org/) that filter out all elements which you have chosen to disallow. +If you are parsing user input or any other type of untrusted input, you are strongly advised to process the resulting HTML with tools like [HTML Purifier](http://htmlpurifier.org/) that filter out all elements which you have chosen to disallow. Extending the language ----------------------
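Review bot: The new list item in the first hunk, `$parser->disallowedRawHTML = false` "to disable section 6.11 of the GFM specification", does not tell a reader what section 6.11 does or what they give up by turning it off; the bare section number is only meaningful to someone who has the spec open. Suggest naming the feature and pointing at the consequences, e.g. "to disable the Disallowed Raw HTML filter (GFM section 6.11); raw `<script>`-style tags will then pass through unfiltered, see Security Considerations". The default value is also not stated here; since the Security Considerations hunk says the filter is implemented, the README should say explicitly that it is on by default so users do not assume they must opt in.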
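Review bot: In the second hunk, the replacement sentence "This parser implements section 6.11 of the GFM specification." should be qualified, because the same patch adds a switch that turns it off and because, as the preceding sentence itself says, 6.11 only filters "a subset of raw HTML". Without that qualification a reader may take the line to mean raw-HTML injection is handled, and then read the following "you are strongly advised" paragraph as optional belt-and-braces. Suggest something like "This parser implements section 6.11 of the GFM specification (enabled by default, see `$parser->disallowedRawHTML`). Note that 6.11 only neutralises a fixed subset of tags and is not a complete defence against injected HTML." so the HTML Purifier recommendation that follows reads as required for untrusted input, not advisory.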