Revert "Merge branch 'markdown-xss-fix-option-2' into 'security'

This reverts commit eb54c711.

lib/banzai/filter/autolink_filter.rb

@@ -71,11 +71,6 @@ module Banzai
         @doc = parse_html(rinku)
       end
 
-      # Return true if any of the UNSAFE_PROTOCOLS strings are included in the URI scheme
-      def contains_unsafe?(scheme)
-        Banzai::Filter::SanitizationFilter::UNSAFE_PROTOCOLS.any? { |protocol| scheme.include?(protocol) }
-      end
-
       # Autolinks any text matching LINK_PATTERN that Rinku didn't already
       # replace
       def text_parse
@@ -84,14 +79,6 @@ module Banzai
 
           next unless content.match(LINK_PATTERN)
 
-          begin
-            uri = Addressable::URI.parse(content)
-            uri.scheme = uri.scheme.strip.downcase if uri.scheme
-            next if contains_unsafe?(uri.scheme)
-          rescue Addressable::URI::InvalidURIError
-            next
-          end
-
           html = autolink_filter(content)
 
           next if html == content

spec/lib/banzai/filter/autolink_filter_spec.rb

@@ -99,28 +99,6 @@ describe Banzai::Filter::AutolinkFilter, lib: true do
       expect(doc.at_css('a')['href']).to eq link
     end
 
-    it 'autolinks rdar' do
-      link = 'rdar://localhost.com/blah'
-      doc = filter("See #{link}")
-
-      expect(doc.at_css('a').text).to eq link
-      expect(doc.at_css('a')['href']).to eq link
-    end
-
-    it 'does not autolink javascript' do
-      link = 'javascript://alert(document.cookie);'
-      doc = filter("See #{link}")
-
-      expect(doc.to_s).not_to include('href="javascript://')
-    end
-
-    it 'does not autolink bad URLs' do
-      link = 'foo://23423:::asdf'
-      doc = filter("See #{link}")
-
-      expect(doc.to_s).to eq("See #{link}")
-    end
-
     it 'does not include trailing punctuation' do
       doc = filter("See #{link}.")
       expect(doc.at_css('a').text).to eq link