Extend `isSafeURL` util to support unknown protocols

Proposal

Based on the feature requirements like these, we should extend the isSafeUrl utility to allow unknown protocols except the potentially vulnerable protocols.

The list of potentially vulnerable protocols includes:

1. javascript:
2. data:
3. vbscript:

Security Improvement

This will help remove the usage of is-unsafe-link attribute and provide a safer alternative for it.