bug-fix: Fix cross site scripting vulnerability in OGTag (#907)

Fixes: [CLNP-1845](https://sendbird.atlassian.net/browse/CLNP-1845)

### Changelogs
- Fixed cross site scripting vulnerability in OGTag

[CLNP-1845]:
https://sendbird.atlassian.net/browse/CLNP-1845?atlOrigin=eyJpIjoiNWRkNTljNzYxNjVmNDY3MDlhMDU5Y2ZhYzA5YTRkZjUiLCJwIjoiZ2l0aHViLWNvbS1KU1cifQ

Author: chohongm

src/ui/OGMessageItemBody/index.tsx

@@ -37,8 +37,15 @@ export default function OGMessageItemBody({
 }: Props): ReactElement {
   const imageRef = useRef<HTMLDivElement>(null);
   const { stringSet } = useContext(LocalizationContext);
+
   const openOGUrl = (): void => {
-    if (message?.ogMetaData?.url) window.open(message?.ogMetaData?.url);
+    let url = message?.ogMetaData?.url;
+    if (url) {
+      if (!url.startsWith('http://') && !url.startsWith('https://')) {
+        url = 'https://' + url;
+      }
+      window.open(url);
+    }
   };
   const isMessageMentioned = isMentionEnabled && message?.mentionedMessageTemplate?.length > 0 && message?.mentionedUsers?.length > 0;
   const tokens = useMemo(() => {