What feature do you want to see added?

To address security-2888, the ability to display clickable links in JUnit test output was removed entirely. Our test suite leans heavily on this feature to help streamline the process of troubleshooting failed tests and other issues, so losing the ability to have clickable links in the output has significantly impaired the usability of our test results.

Is it possible to restore this functionality in a way that does not expose an potential XSS exploit? (I noticed that the security issue mentioned that the auto-hyperlinking was "done in an unsafe manner", which seems to imply that there is a safe way to accomplish this.)

Alternatively, perhaps allowing hyperlinks could become an opt-in setting for users that are willing to trust the limited set of actors that would actually have the access / opportunity to inject something malicious into unit test output?

Upstream changes

No response