- **status**: open --> review - **Comment**: db/8599
images that are links are not handled on this ticket. Should we do something about it in a next ticket? There could be images that look like text. But it could be annoying to show a domain after every image link (especially a row of badges) another overall consideration instead of appending `(evil.com)` or in addition to that, we could have a popup when clicking on it to confirm you're ok going to the site. Seems like more work than is worth it --- **[tickets:#8599] show domain on external links, if misleading** **Status:** review **Milestone:** unreleased **Created:** Fri Mar 27, 2026 08:53 PM UTC by Dave Brondsema **Last Updated:** Fri Mar 27, 2026 08:53 PM UTC **Owner:** Dave Brondsema When showing links (e.g originating from markdown, but really any html output) we should do something about links that could be misleading. For example with `<a href=https://evil.com/>sourceforge.net/auth/</a>` we could automatically append `(evil.com)` into the output so its obvious when its misleading. We should also check for non-ascii domain names (IDN) and if they have chars that are potentially confusing with normal ascii, then show the decoded domain name (even if the link & text match, if the chars could be confusing) --- Sent from forge-allura.apache.org because [email protected] is subscribed to https://forge-allura.apache.org/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
