You are right, limiting to the http:// and https:// is not the solution, but we have at least to limit the letters before the .com .org .net and not allow forbiden characters in the host.
Dajngo urlize filter : http://docs.djangoproject.com/en/dev/ref/templates/builtins/?from=olddocs#urlize
This bug should be reported to django also if someone can do that.
You are right, limiting to the http:// and https:// is not the solution, but we have at least to limit the letters before the .com .org .net and not allow forbiden characters in the host.
Dajngo urlize filter : http:// docs.djangoproj ect.com/ en/dev/ ref/templates/ builtins/ ?from=olddocs# urlize
This bug should be reported to django also if someone can do that.