diff --git a/inputs/wysiwyg.vue b/inputs/wysiwyg.vue
index d8c18e49a..1b9470106 100644
--- a/inputs/wysiwyg.vue
+++ b/inputs/wysiwyg.vue
@@ -170,10 +170,18 @@
   Link.sanitize = (value) => {
     if (!(/^\w+:/).test(value) && !(/^#/).test(value)) {
       // no protocol, and the link doesn't start with a hash (in-page links),
-      // so add http://
+      // so add https://
       // note: links that start with // are an antipattern, and this will NOT handle them
       // https://jeremywagner.me/blog/stop-using-the-protocol-relative-url
-      value = `http://${value}`;
+      value = `https://${value}`;
+
+      // modified links that still don't pass for valid urls will default to
+      // the default quill behavior (using about:blank)
+      try {
+        new URL(value);
+      } catch (err) {
+        value = 'about:blank';
+      }
     }
 
     return originalLinkSanitize.call(Link, value);