Stored XSS in RDoc hyperlinks through javascript scheme
Severity: Medium
Program: Ruby
Reported by: sighook
## Vulnerability Details
Hello,
I found that it is possible to bypass the XSS filtering made in a series of patches to solve report #1187156. Report #1187156 wasn't sent by me; I found the 'hyperlinks' fixes by investigating the git log.
PoC
----
Create a file with the following link:
```
x[blocked:alert(1)]
```
The output HTML file will contain:
```html
<a href="blocked:alert(1)">x</a>
```
## Impact
A cross-site scripting (XSS) vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
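The filter bypass the report describes is the classic failure of a scheme blocklist: a check that looks for the literal prefix `javascript:` passes a case variant or a target with a leading tab, both of which a browser still treats as the javascript scheme. The following is an added example, not code from the report or from RDoc itself. It assumes that the scheme shown as `blocked:` on this page is the `javascript:` scheme named in the title, and it uses a deliberately small `label[target]` grammar (`LINK_RE`) of its own rather than RDoc's parser; the helper names, the allowed-scheme list and the probe strings are constructed for illustration.

```ruby
require 'cgi'

# Added example, not code from the report or from RDoc: contrasts a scheme
# blocklist (the kind of filter a case or whitespace variant slips past) with
# a scheme allowlist for "label[target]" hyperlinks. The markup grammar below
# is an assumption modelled loosely on RDoc's tidy-link syntax; RDoc's real
# parser is more permissive and is not reproduced here.
LINK_RE = /\A(?<label>[^\[\]\s]+)\[(?<target>[^\[\]]+)\]\z/

# Schemes a documentation generator has a reason to emit as links (assumed list).
ALLOWED_SCHEMES = %w[http https ftp mailto].freeze

# Anti-pattern: reject the literal prefix and nothing else.
def blocklist_safe?(target)
  !target.start_with?('javascript:')
end

# Browsers strip leading C0 controls and spaces from a URL and drop tabs and
# newlines anywhere in it, so the scheme must be read from the normalised
# form or "\tjavascript:..." is misclassified as scheme-less.
def normalize_target(target)
  target.sub(/\A[\u0000-\u0020]+/, '').delete("\t\n\r")
end

# Accept only known schemes (case-insensitively) or a scheme-less relative
# reference such as "README_rdoc.html#label-Usage".
def allowlist_safe?(target)
  scheme = normalize_target(target)[/\A([A-Za-z][A-Za-z0-9+.\-]*):/, 1]
  return true if scheme.nil?
  ALLOWED_SCHEMES.include?(scheme.downcase)
end

# Render one "label[target]" item. A rejected target is emitted as escaped
# text rather than as an anchor, so nothing attacker-controlled reaches href;
# an accepted target is still attribute-escaped to stop quote breakout.
def render_link(markup, policy: :allowlist)
  m = LINK_RE.match(markup) or return CGI.escapeHTML(markup)
  ok = policy == :blocklist ? blocklist_safe?(m[:target]) : allowlist_safe?(m[:target])
  return CGI.escapeHTML(markup) unless ok
  %(<a href="#{CGI.escapeHTML(m[:target])}">#{CGI.escapeHTML(m[:label])}</a>)
end

# Constructed probes: the report's payload shape plus the variants a filter
# that only looks for the literal "javascript:" lets through.
PROBES = [
  'x[javascript:alert(1)]',
  'x[JavaScript:alert(1)]',
  "x[\tjavascript:alert(1)]",
  'x[vbscript:MsgBox(1)]',
  'x[https://example.com/]',
  'x[README_rdoc.html#label-Usage]',
].freeze

# Probes that a policy turns into an anchor whose scheme is not on the allowlist.
def script_anchors(policy)
  PROBES.select do |p|
    html = render_link(p, policy: policy)
    html.start_with?('<a ') && !allowlist_safe?(LINK_RE.match(p)[:target])
  end
end

if __FILE__ == $PROGRAM_NAME
  PROBES.each do |p|
    puts "#{p.inspect}\n  blocklist: #{render_link(p, policy: :blocklist)}\n  allowlist: #{render_link(p)}"
  end
end
```

Running the file prints each probe under both policies: the blocklist turns three of the six into anchors with a script scheme, the allowlist turns none. To see what an installed RDoc actually emits for the report's payload, feed the same markup through `RDoc::Markup::ToHtml.new(RDoc::Options.new).convert(...)` and compare the resulting `href` against the allowlist check above; the example does not assume any particular RDoc version's output.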
## Report Details
State: Closed
Substate: Informative
Weakness: Cross-site Scripting (XSS) - Stored