From f2d60e4946d09cabee417fefa791d0b8e668b9a9 Mon Sep 17 00:00:00 2001 From: Johannes Marbach Date: Thu, 17 Oct 2024 10:29:54 +0200 Subject: [PATCH] Mention the existing requirement to sanitise topics --- proposals/3765-rich-room-topics.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/proposals/3765-rich-room-topics.md b/proposals/3765-rich-room-topics.md index cf590c25318..d10f1505515 100644 --- a/proposals/3765-rich-room-topics.md +++ b/proposals/3765-rich-room-topics.md @@ -106,7 +106,9 @@ described in the introductory section of [MSC1767]. ## Security considerations Allowing HTML in room topics is subject to the same security -considerations that apply to HTML in room messages. +considerations that apply to HTML in room messages. In particular, +topics are already included in the content that clients should [sanitise] +for unsafe HTML. ## Other notes @@ -133,6 +135,7 @@ blocks might have their own prefixing requirements. [plain text]: https://spec.matrix.org/v1.12/client-server-api/#mroomtopic [MSC1767]: https://github.com/matrix-org/matrix-spec-proposals/pull/1767 [MSC3551]: https://github.com/matrix-org/matrix-spec-proposals/pull/3551 +[sanitise]: https://spec.matrix.org/v1.12/client-server-api/#security-considerations [server side search]: https://spec.matrix.org/v1.12/client-server-api/#server-side-search [stripped state]: https://spec.matrix.org/v1.12/client-server-api/#stripped-state [upgrading]: https://spec.matrix.org/v1.12/client-server-api/#room-upgrades
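Review bot: In the Security considerations hunk, the added wording "topics are already included in the content that clients should [sanitise]" leaves open whether the existing requirement covers the HTML representation this proposal introduces or only the topic as it exists today, which the file's own `[plain text]` link (to `#mroomtopic`) treats as plain text. Suggest stating directly that clients rendering an HTML topic apply the same sanitisation they apply to HTML in room messages, and keeping the link as the reference for what that entails.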
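Review bot: In the link-definition hunk, `[sanitise]` targets the generic `#security-considerations` anchor on the client-server API page, a heading name that can occur more than once on a page of that size, so the link may not land on the passage about sanitising unsafe HTML. Please confirm where it resolves and, if a more specific anchor exists for that passage, use it.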