TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes

An attacker who can author rich-text content (e.g., a lower-privileged editor or via imported/external content) can embed a link or image node with a `url` field containing `javascript:` or `data:text/html` — including case-variant, whitespace-padded, and control-character-obfuscated forms. When editors or site viewers view the content, the unsanitized URL is rendered into an `href` or `src` attribute, causing the malicious script to execute in the context of the TinaCMS admin or public site. This is a stored cross-site scripting (XSS) attack.

The vulnerability resides in the rich-text parsing logic within `packages/@tinacms/mdx/src/parse/index.test.ts` and the default rich-text rendering code. The `sanitizeUrl()` helper is applied to Slate link (`a`) and image (`img`) nodes during slatejson parsing and in the render path. The patch also hardens message origin checks in `packages/tinacms/src/auth/authenticate.test.ts`, `packages/@tinacms/app/src/lib/preview-origin.test.ts`, and `packages/tinacms/src/react.test.tsx`, though those changes address separate trusted-boundary issues.

The patch introduces a `sanitizeUrl()` helper that performs a case-insensitive, whitespace/control-character-normalized scheme allow-list check. This helper is applied recursively to Slate trees during slatejson parsing (in `packages/@tinacms/mdx/src/parse/index.test.ts`) and also in the default rich-text rendering path as a defense-in-depth layer. Unsafe schemes like `javascript:` and `data:` are cleared to an empty string, while safe URLs (e.g., `https://`) remain unchanged. The patch also adds regression tests confirming that unsafe URLs on link and image nodes are sanitized, nested nodes are handled, and arbitrary non-slate props are left untouched.