fix: sanitize_markdown handles on* event attrs and dangerous URI schemes

fix: sanitize_markdown handles on* event attrs and dangerous URI schemes #101