allow mailto links in js/unsafe-external-link

javascript/ql/src/DOM/TargetBlank.ql

@@ -31,7 +31,9 @@ predicate hasDynamicHrefHostAttributeValue(DOM::ElementDefinition elem) {
       // fixed string with templating
       url.regexpMatch(Templating::getDelimiterMatchingRegexp()) and
       // ... that does not start with a fixed host or a relative path (common formats)
-      not url.regexpMatch("(?i)((https?:)?//)?[-a-z0-9.]*/.*")
+      not url.regexpMatch("(?i)((https?:)?//)?[-a-z0-9.]*/.*") and
+      // ... that is not a mailto: link
+      not url.regexpMatch("mailto:.*")
     )
   )
 }

javascript/ql/test/query-tests/DOM/TargetBlank/tst.html

@@ -26,5 +26,8 @@
   Example
 </a>
 
+<h1>OK: mailto is fine.</h1>
+<a target="_blank" href="mailto:{{var:mail}}">mail somone</a>
+
 </body>
 </html>