HTML URLs are not enabled
See attached files: most of my contacts don't run gajim and send me URLs that are not "enabled" by gajim (can't click on them). I was told this was because they are HTML urls (based on what we saw in the sample XML outputs), and can be security risks. For example, someone could do <a href="http://www.microsoft.com">www.gajim.org\.
I think it would be better to work around the problem than penalize users that receive html messages (I don't really think Gaim, Pandion, etc will fix their code before the next century).
Here are some possible solutions I thought out:
Slashdot-style: display the "real" URL besides the text
Replacement: replace the URL text by the real URL
Warning: when the user clicks the URL, IF the real URL and the shown text do not match, show a dialog warning him/her that the URL might be an attempt to lure him/her, and show the "real" URL. "We cannot be held responsible if suddenly thousands of catgirls fall on you from the sky".
In any case: copy-pasting URLs into a browser manually really sucks, especially since gajim selects the text that follows (and people often paste URLs then add comments 5 seconds later)