Added mailto protocol to safe list

spec/xss.js

@@ -218,6 +218,9 @@ describe("XSS", function () {
             }, {
                 entered: 'WWW.SOMETHING.COM/?x=dKasdDAsd4JAsd3OAJSD23osajAidj',
                 href: 'http://WWW.SOMETHING.COM/?x=dKasdDAsd4JAsd3OAJSD23osajAidj',
+            }, {
+                entered: 'mailto:test@mail.org',
+                href: 'mailto:test@mail.org',
             }];
 
             function checkNonParsedURL (url) {
@@ -259,6 +262,9 @@ describe("XSS", function () {
             await mock.sendMessage(view, good_urls[4].entered);
             checkParsedURL(good_urls[4]);
 
+            await mock.sendMessage(view, good_urls[5].entered);
+            checkParsedURL(good_urls[5]);
+
             done();
         }));
     });

src/utils/html.js

@@ -22,7 +22,7 @@ import tpl_video from "../templates/video.js";
 import u from "../headless/utils/core";
 
 const URL_REGEX = /\b(https?\:\/\/|www\.|https?:\/\/www\.)[^\s<>]{2,200}\b\/?/g;
-const APPROVED_URL_PROTOCOLS = ['http', 'https', 'xmpp'];
+const APPROVED_URL_PROTOCOLS = ['http', 'https', 'xmpp', 'mailto'];
 
 function getAutoCompleteProperty (name, options) {
     return {