
Disallow data-links

Dev: https://dev.gitlab.org/gitlab/gitlabhq/issues/2652#note_68246

Description

When using a link such as [click this link](data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K), an external HTML page is served whose body is `<script>alert('XSS')</script>` (the decoded base64 payload). This is not an XSS issue and there is no vulnerability associated with it, as the JS is not executed in the scope of GitLab and does not have access to its cookies, but it makes it worth disallowing data: links.
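The check a Markdown sanitizer needs in order to refuse such links, as an added example that is not GitLab's own code. It allowlists link schemes rather than blocklisting `data:`, normalizes the href the way browsers do before the scheme is read (leading/trailing C0 controls and spaces stripped, ASCII tab/newline removed anywhere), and decodes the report's payload to show what the browser would render. `ALLOWED_SCHEMES`, `render_link` and the other names are assumptions for this example; the payload href is the one from the report.

```ruby
require 'base64'

# Added example, not GitLab's code. Schemes a rendered Markdown link may carry.
# Anything else (data:, javascript:, vbscript:, ...) is refused by construction.
ALLOWED_SCHEMES = %w[http https mailto].freeze

# The href from the issue report (a data: URL carrying a base64 HTML body).
PAYLOAD_HREF = 'data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4K'

# Mimic the WHATWG URL parser's pre-processing so " DATA:" and "da\tta:" are
# seen as data:, exactly as a browser would see them.
def normalize_href(href)
  s = href.dup
  s = s.gsub(/\A[\x00-\x20]+|[\x00-\x20]+\z/, '') # leading/trailing C0 controls and space
  s.delete("\t\n\r")                               # tab and newline anywhere in the URL
end

# Scheme of the href, downcased, or nil for a relative link.
def href_scheme(href)
  m = normalize_href(href).match(/\A([a-z][a-z0-9+.\-]*):/i)
  m ? m[1].downcase : nil
end

def href_allowed?(href)
  scheme = href_scheme(href)
  return true if scheme.nil? # relative link: no scheme to abuse
  ALLOWED_SCHEMES.include?(scheme)
end

def escape_html(s)
  s.gsub('&', '&amp;').gsub('<', '&lt;').gsub('>', '&gt;').gsub('"', '&quot;')
end

# Minimal renderer for a single "[text](href)" link: the text is kept, the
# href is dropped when its scheme is not allowed.
def render_link(markdown_link)
  m = markdown_link.match(/\A\[([^\]]*)\]\(([^)]*)\)\z/)
  return nil unless m
  text, href = m[1], m[2]
  return escape_html(text) unless href_allowed?(href)
  "<a href=\"#{escape_html(href)}\">#{escape_html(text)}</a>"
end

# Decode the body a data: URL would serve (base64 or percent-encoded), so a
# reviewer can see what the link actually carries.
def data_url_body(href)
  m = normalize_href(href).match(/\Adata:([^,]*),(.*)\z/mi)
  return nil unless m
  media, body = m[1], m[2]
  if media.split(';').map(&:strip).include?('base64')
    Base64.decode64(body)
  else
    body.gsub(/%([0-9a-f]{2})/i) { Regexp.last_match(1).hex.chr }
  end
end

if __FILE__ == $PROGRAM_NAME
  puts "payload body: #{data_url_body(PAYLOAD_HREF).inspect}"
  puts render_link("[click this link](#{PAYLOAD_HREF})")
  puts render_link('[docs](https://docs.gitlab.com)')
end
```

Allowlisting the scheme is the durable form of the fix: a blocklist of `data:` alone would still pass `javascript:` or any scheme added later, and without the normalization step a tab inside the scheme name would slip past a naive `start_with?('data:')` check while the browser still treats it as a data: URL.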