#8599 show domain on external links, if misleading
When showing links (e.g originating from markdown, but really any html output) we should do something about links that could be misleading. For example with <a href=https://evil.com/>sourceforge.net/auth/</a> we could automatically append (evil.com) into the output so its obvious when its misleading.
We should also check for non-ascii domain names (IDN) and if they have chars that are potentially confusing with normal ascii, then show the decoded domain name (even if the link & text match, if the chars could be confusing)
db/8599
images that are links are not handled on this ticket. Should we do something about it in a next ticket? There could be images that look like text. But it could be annoying to show a domain after every image link (especially a row of badges)
another overall consideration instead of appending
(evil.com)or in addition to that, we could have a popup when clicking on it to confirm you're ok going to the site. Seems like more work than is worth it